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Thank you very much for your indulgence. 
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Mr. Perrine? 


subject of Carnivore and 5 ' 0U for me t0 test£ fy 013 £h<3 

trfnSSfnor °' ! C0 r i0n ? toown as Carnivore is really about thSs ^SemntL^i F ® rs , new 
translate the potass, law and pntcOces of telephone wtetaps ,o the dfgSl ralm“ y 

Today s testimony has shown over and over again that there are that , 5 ,„ 
old law, as applied to the Internet, may be leading to problems “ **"“ d,ffia 


'nag interpretations of 




5/24/02 Release - Page 97 

mm 12:17 PM 




■ LEX3S®-NBX!S® 


httpy/web.lexss-nexis.com/ta.L. -•d5^bd3Q5a45l792?6fl5fae?2fS7 


privacy of citizens may be eroded in ways not intended or permitted under current wiretap laws. 


to SSSS32 1 * ty * fVe aways ¥ en an advocate of personal privacy, unrestricted access 
Dm toll Sa?the 4 Sr ff*T aod ^entimi in the ifci/taSSSSfSto? 
to kteStafR? w! ?K C P « ? r , Cen i e . r> 1 a ! so understand the need of law enforcement to be Sle 
to intercept traffic. We spend an awful lot of ttme detecting, analyzing and tracing compute itmsions 


But this is about balance. Hie needs of law enforcement and 
can be a balance between them. 


privacy are not mutually exclusive. There 


SpaSroTreSrime infra / tr u ucture ~ ^d someone did use the word Echelon - 


.ha, KK 1 - ssj sr ^ ati t inffic ’ Wk « 


by a human being or ifS£ ““ “ ,nUy ““ ,he *“* ««■ 

taSdK? IbJ^ ° f<he - 0 “ , ' lf ^ Mic s y« m tat » «* - 

numbers used. And weVe also heard testimon^thM Lf^S.fc^^emiralmuo'Se £' P d°l' 
e-mail addresses. Are they the same? Actually, I think not ^ equivalent to the to and from 

r«t5{^l VOr *t» 1$ - }U ^i a tooi 811(1 its capabilities must be considered in the context of how if m»H „ c ^ 

network that it monito5^CTe?nothkg t?sto^^ through the 

to monitor alt the network E. C ? rwvor * ^? 1 «% ~ using Carnivore 


*&£*££ SSSSSKSZf ? e ^ fa ' skem atSk^at 

installation and the filters during the monitoring process. ** Source code ofthe § y stem 

a“to°^SLr eMmim 0f ,he C0 “ e code ° f the Car ” lv “ re **» «* <h«ir 


of 76 


5/24/02 Release - Pag, 98 

S/9/00 12:17 PIV 





f'X 


LHXrS®-NHXIS® 


h%^/web.texts-ncxis.com*>.unii^^5==<)t>cG05a4S 1 79276{5fse72f57 Ji 





vemication validation organization, would provide only a snapshot of Carnivore's capabilities with n. 
?SwT CarBiV ° re pr0gram actuaI1 y **■»* « » ISP was built from^S^ourcmh^was 


no 


5 a f rn ij°f e u ^ er constai5t development, so the source code snapshot that was reviewed would be 

Imnwibf VY '7 pkl I n * n $ ob as ongoing independen^erijicat^ 

\anoatioq process, you il never know that what was installed was actually what was reviewed And there 

is no source code review that would indicate the filters that were installed in Carnivore at a given ISP on 


a given case. 





a *T — ******** nuwu «^hcu tu uic wwnrci, ana i mmK we've seen that todav 

And applying these old laws, may unintentionally erode constitutional protections in unintended ways 


Law enforcement may need appropriate legal access to internet communications under limited 
SS Sig 8 ” us, be pro f Kd 5' conttoik<1 “<* to ensure that constitutional.. 


Thank you. 


CANADY: Thank vou. 
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One of the first points tliat was made is that Caraivore is used in only very limited wavs* that it's used 
only when an Internet service provider either cannot or will not comply ^SrtSSr. 

Pamter tes ^ fie ^ that & &e one challenge that he's aware of, that incoming e-mail addresses 
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£n thiscase, the solution that the ISP put in place did get all of the outgoing — excuse me — all of the 
incoming e-mail addresses, and it did supply a smaller number of outgoing e-mail addresses to the 
government. They were dissatisfied with that, saying there must have been more outcome e-mail 
addresses. w * 

In fact, we tried to explain, that they're any number of reasons why there may be fewer outgoing e-mails 
then there were incoming e- mails. For example, the target of the investigation might have used a 
web-based e-mail source, rather than using his own resident program. But nonetheless, the U.S. marshals 
were dissatisfied with that solution and informed the ISP that they were coming to install Carnivore 
ivithin two days. That's what prompted the court action that led to the magistrate's order. 

I believe, Mr. Painter then testified that, since that time the ISP has provided excellent cooperation. 

In fact, the ISP has done in subsequent cases what it did in that case. It provided and offered to provide 
ways to comply with orders that it received in ways short of installing Carnivore, and since that time 
Carnivore has not been reinstalled on its system. 

Secondly, in response to a question from the chairman, one of the government witnesses suggested that it 
was the ISP and its implementation and not the Carnivore program itself that caused a crashand 
disrupted the ISP’s system. 

In fact, our experience was that Carnivore was incompatible with this system, requiring the ISP to make 
adjustments w'Mch led to a number of problems, that ultimately led to Carnivore being taken out and 
then the next day the order for its installation expiring. 

Let me say just one other thing about that order. In fact, there was a magistrate’s order, still under seal 
that did require the installation of Carnivore, 


CORN-l^VERE: ^.^ed to work out in the terms of that order what safeguards we could to make sure 
that no more Mormatton could be collected than necessary’. But, in fact, what the magistrate said in that 
order was mat he would welcome the decision on the legality of Carnivore under the” existing legal 
scheme to he decided by a reviewing court. We haven't had that kind of legal review yet, andl don't know 
of a case m which that may occur. - A 

Next, the government witness talked about the number of safeguards that exist to make sure that 
Carnivore does not lead to excessive violations of subscriber privacy. For example, Dr. Kerr testified 
that the filter will ensure that Carnivore acquires only the information that is authorized by a court order 
and suggested that it would be necessary to obtain the assistance of a technician or even perhaps the 

SS?t 0fthe i ISP t0 aite f.the programming of Carnivore so that a rogue agent might gain information 
to which he or she is not entitled. 


Pm not a technician, so I can't really address that point, but I can say that in the case that I was involved 


. ufcurauwi varmvere couia oe Changed with the flip of a switch. Maybe that's correct, maybe it’s 

incorrect, 1 don t know. It does suggest, perhaps, that the proposals that have been discussed earlier for 
independent review of Carnivore really are in order. 
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mS« V ? W J?f #? *Vu e Wl15 be pr< ? tected from invasions of privacy because there is an audit trail that 
makes sure that the filter is correctly set to correspond to what is authorized by the court order and that 
that will be available with the evidence in a prosecution. But in fact that’s a safeguard that exists only if 

Ttere is no requirement to notify the target of a surveillance in a trap-and-trace situation that that 
surveillance took place. So if there’s no way to ensure accountability in that circumstances^ 

t 

As I had mentioned in my April 6 testimony, surveillance was undertaken briefly with Carnivore 

top^and-trace authorization, which, as many people have noted here today, is available only 
[elevance ** certification of relevance by a law enforcement authority; there is no 
requirement of probable cause necessary. J 

\*£ ie «Zh S' m Tr BSChUS asked whether °f I30 , { Carnivore has been used for violations of any other 
laws, such as antitrust laws or consumer protection laws or anything else. The response was given that 
Carnivore can only be used m the event that there are specified federal felonies as set out in Title ffl. 

As a marier of fact, that’s hue only tor Title HI intercept orders. You're not required - or you're not 
limited m the use ol Carnivore, in the event that it's being implemented in response to a trap-and-trace 
or er* ^ e i 0I l ies are s P ea Tied *** Title 1JL All that has to be shown is a certification that the 
prosecutor or the law enforcement agent involved believes that the use of Carnivore would be relevant 
and the information gained would be relevant to an ongoing criminal investigation. 

if r*?iii* ?V ! f° sayis ^^ily just paraphrasing what I’ve written down and that's already 
submitted. And 1 11 just leave it at that and be happy to answer your questions later. 

CANADY: Thank you, Mr. Com-Revere. 


Mr. Blaze? 


BLAZE: Thank you, Mr. Chairman. 

°t Ut that m Y co ?f ents bere do f l necessarily represent the viewpoint of my employer I’m 
here, so to speak, on my lunch hour to provide the scientific and technical perspective. v y 

My interest in the problem of intercepting traffic on the Internet for analysis dates back to rav doctoral 

d2coVSdthen U Lnd 3ST tc tnrtBc that I would analyze as part of my dissertation vvork. What I 
discovered then, and what s certainly become even more the case as we've gone to higher speed and more 

«etw>dcs with more protocols running on top of them, is that die problem of collecting 
data from Internet packets, from the packet level, is a very subtle and difficult one. 


BLAZE. So my comments today address the question not of how do we ensure against the mwdbiiitv of 
malice or misdeeds on the part of law enforcement, but starting from the premise that everybody is acting 
with good will and honest - and perfectly honestly, even still it's difficult to be sun ShSSJSb fcSJ® 
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used to collect information from packets, in the way Carnivore does, are behaving faithfully and reliably. 

In particular, there is a strong possibility that omissions of collected data or garbling of collected data 
could cause misleading results that could put information collected out of context, or collect data 
inadvertently that should be attributed to another source or destination than it may initially appear. 

S?er flotv. 0 Tl tmm u W f y ’ unf ° rtunate1 y “ we in the computer security community learned this over and 
over again, these are hard- won lessons ~ them s no systematic way to deal with large complex systems of 

seSt^cnST^&on 611 ^ &nctIOn ofthe soft%vare is security-critical Certainly, Carnivore is a 

Sev°l 2 {„ P fSfv^5& !{ i eS <^ptex secure systems is that very' often they fail silently. 

mJZ *w?k * V thatlead f .^ e observer to believe that they re working properly, but, in fact, subtle bugs 

mean that there are vulnerabilities or mistakes there anyway, b 

So we have the problem of being concerned with the reliability of data collected by a complex piece of 

rCwI the problem of ensuring that something connected deep within the infrastructure of 

S^^Shv^^>f rOV,d o * 5tSelf v t ulnera S e 10 ****** tampering or could itself be - have control 

taken over by a malicious third party who is able to get access to it by exploiting some bug. 

There'xe two ways that we stumble along in trying to assure ourselves that complex systems that we want 

^ f ? cused revicw by “P® 5 hy *“««. “d I 

strongly adv ocate that the kind of focused review by independent experts that was discussed in the first 
panel be done. But there are limits to what a limited set of experts can ever discover. We discover again 
and again that even after a security audit, new information comes out about the environment in which the 
software may be used or something may have been missed by the pane! of experts that could only be 
known by widespread publication ofthe source code and details ofthe architecture ofthe system. 

The secunty community, pretty much unanimously, supports the idea that source code should be 
published for any system that performs a vital security critical function. And 1 think the Carnivore 
system as a very good ex ample of this* 

°£i ll f ob i ecti °n$ raised to doing this in the case of Carnivore is that it might provide aid and 
comfort to the targets of investigations, who might find ways to circumvent the system. I think in the 
case of Carnivore, the existence - the mere existence and the architectural details ofthe Carnivore 
system don t really provide much help to the - to someone who wants to evade it. It's v'efy'much like 

uUH SKhSHS SKSS^""" be in!eres,c<i >n m ,he d “ i,s of wtehK • “ 


Ca^vorelnkaUations’ n ° ^ advocates P ybHshin S the Stalls - the operational details of specific 


r f omn ; end that " that either - that while neither focused review by independent 
experts nor publication of source code are panaceas and ensure against any possible problem or abuse. 
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M t J tes ® are essentia! steps — widely recognized essential steps that certainly should be done in this < 
■ g And I hope that will happen. 


Thank you. 


CANADY: Thank you, Mr. Blaze. 


Mr. Baker? 



BAKER: I've been on both sides of some of these debates. And I have to say I see both sides of this one. I 
think in some ways, both sides of this debate are stuck in a - in the telephone world. A lot of the 
witnesses, some of the questions, suggest that maybe we could solve this problem by having ISPs take 
responsibility for doing these intercepts themselves. 


And actually I think the FBI has got this about right. If the ISP wants to do it, then they should do it. But 
a you tnko an ISP — a small ISP, and tell them, "You have to do it/' they're going to treat this like an 
expensive unfunded mandate. And there's no reason why they’re going to do it more enthusiastically or 
more privacy- protectively than the FBI. In fact, there’s going to be less oversight. 


Dus is not the phone company that could just hire somebody to do the wiretaps every day and add it to 
the rate base. They're not going to be doing what people saw the phone companies do by way of 
protection if they’re small ISPs and they don’t want to have this role. And I’ll tell you there's plenty of 
ISPs that really don't want this role in spite of the noisier ones who do. 


But I think the FBI and the Justice Department are also living in the past. To say you don't have an 
expectation of privacy in information that is in the hands of a third party in the internet age is just crazy 1 

mean, our entire lives are in the hands of third parties. 


Jo treat the to and from lines in e-mails as though they were just the same as the phone numbers that you 
aial is also bizarre, w e know that the phone company collects those phone numbers because they send us 
a bill with those phone numbers every month. No one expects the ISP to be collecting our to and from 
lines, especially not the from line. They don’t use the from line to deliver the message, you know. That's 
just content, and they should get a Title HI order to collect it. 


So if relying on the ISP doesn't work; if this really is a privacy problem, what should we be doing? 


1 guess I would say a couple of things. First, as Mr, Nadler suggested, w'e ought to be sending notice to 
people when they ve been subjected to this kind of intrusion. We have a system right now that protects 
the privacy of the crooks, but not the innocent people who are investigated. 


You know, if Mr. Davidson were under investigation - he sent that e-mail to Mr, Tavlor, The next step 
that the police would take would be to put a cover on all of Mr. Taylor's e-mails in and out It's perfectly 
relevant to their investigation. They want to know whether he’s also corresponding with other crooks that 
they re investigating. So they’re going to have 60 days or 120 days of Mr. Taylor’s in and out e-mail, just 
automatically. And he'll never know it, because he's not going to get indicted and get to see that 
mtormatioiL 
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There ought to be notice. Only you guys can make that happen. 


There ought to be oversight. The audit provisions, again, are very protective of crooks, but not of 
innocent people. Tire criminal defense attorneys are going to get to see this and they’re going to be able to 
follow that audit trail, but Mr. Taylor, if his e-mail has been intercepted, isn't going to get a chance to see 
that audit. There needs to be somebody who will do that audit on behalf of ordinary citizens; we shouldn't 
be relying on criminal defense attomies to do that for us. 


Last point, if you want to do something about this, you probably ought to do it pretty quickly . That’s 
because Carnivore’s not the only way in which this is going to happen. Tire Communication Assistance 
of Law Enforcement Act had a provision that said, well, everybody has to provide trap-and 
trace-capability. The FBI has said that means packet data carried by carriers has to have a trap-and- trace 
capability. The FCC has said, We're telling everybody, you've got to have something installed - all you 
earners have to have the capability of doing this trap-and-trace by September of 2001 . 


BAKER: We aren’t going to tell you how to do it, but we're going to tell you you have to have it done by 


There’s only one - well, there’s two ways to do it: either let the FBI install Carnivore or you go out buy 
Carntvore on your own. I’m not sure those are really the only solutions that we want to have carriers 
have, but unless the FCC backs off of its deadline and its current mandate, that's what's going to happen 
and it’ll be too late to install a lot of controls. ri 


Thank you. 


CANADY : Thank you, Mr. Baker. 


And last, but not least, Mr. Sachs, and I apologize for not having more table for you there. 


SACHS: That’s OK. I’m going to be very brief in the interest of time. 


My name Is Peter Sachs, and I m the president of ICONN. We’re a small Internet service "provider based in 
New Haven, Connecticut. And I believe I’m one of the small ISP that Mr. Baker may be referring to. 


We do have the capability - in fact, any ISP has the capability of supplying the FBI with exactly what it 
wants in a more accurate, more efficient and more private manner, because we have absolutely no need to 
look at anybody's information, except for the actual target. 


FRANK: Mr. Chairman, could the witness speak up a little more, please? 


SACHS: Any ISP can do this, in as little as two lines of programming code. It doesn’t require any 
machine. It doesn't require any specialized programming skills* beyond the programming skills of a 
normal system engineer at an Internet service provider. 







!itl|jiiSvcbJcxls^exis^ni^.um^?dS^)k5O05a45n92?6f6fae72B? 


To confirm this statement , l asked my system engineer to set up a system to monitor ail of my 
communications. And in less than hour he was able to see evetything that was sent to me or from me on 
his machine in clear legible text. So there's no need for any specialized machine or any, sort of, 
specialized knowledge to be able to do this. 

Carnivore also creates an extreme security risk for an ISP. To allow a third party to attach a computer 
especially a secretive computer that's accessible from a remote location, to an Internet service provider is 
unheard of. It just provides any hacker out there with yet one other doorway into which they can enter 
your network, and essentially destroy your network along with all of the data of all of your customers. 

f 

Carnivore also presents a performance hit for an ISP. The moment you intercept all information flowing 
over an ISP s network, which is what Carnivore does, it causes a bottleneck. Bottlenecks cause 
slowdowns. As all of you know, the Internet is already slow as it is; slowing it down even further, doesn't 
help matters much* * 

Lastly, it may have a chilling effect on the information that ray subscribers or any ISP subscriber sends 
over the Internet. If you're not going to send something because your afraid of its content or perhaps iust 
its destination, it raises very valid First Amendment concerns. 

If tlie ISP gathers the data for the FBI under a court order, the FBI can’t possibly see anything it's not 
supposed to see, because they're only getting what we give to them. If the FBI does the work, they at least 
have the ability to see anything they want, and they do, in fact, have the ability' to see anything they want 
t he former method protects privacy and the latter method invites abuse. 

Since the ISP can provide the ISP with exactly what it wants, without imposing upon the privacy rights of 
all the subscribers, why Carnivore? Why use the most intrusive means if the least intrusive means are 
readily available? 

Thank you. 

CANADY: Well, 1 want to thank all the members of this panel for your very’ helpful testimony. 

I just have one question, related to Mr, Sachs’ testimony'. Mr. Sachs has testified that doing the 
interceptions or executing a trap* and-trace or pen-register order is a simple matter for any ISP; can be 
done m an hour just a little programming and there it is. Now, that’s not consistent with what the FBI has 
told us their understanding is. 

And let me ask -- 1 guess maybe Mr. Blaze and Mr. Perrine would be two who might be in the best 
position to give me your take on whether it’s closer to what Mr. Sachs says or exactly as Mr, Sachs says 
or what the FBI has had to say on that. . 3 

Is it as simple as and I'm not trying to be - single out Mr. Sachs here, but that’s a fundamental question 
ror us to look at. Is it as simple from - in your understanding as Mr. Sachs has presented it, or does he 
have a programmer that has special expertise that other ISPs might not have? 


PERRINE: Well, I can address that from the standpoint of tracing computer intrusions and attempted 
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intrusions, I would say probably 30 to 50 percent of the ISPs that we contact don’t keep much in the wav 
of logs. We tend to deal with a lot of the smaller ISPs, we tend to see the same ISPs ~ the problematic 
ISPs over and over again. 


I think that it s fair to say that many ISPs could solve this problem if they were motivated to, but it’s not a 
profit center. They aren’t making money cleaning up or preventing computer intrusions at other facilities 
and they certainly aren’t going to make any money providing information to the government. 


PERRINE: They're not financially motivated to do it. Some of them have the technical capabilities and I 
would have to say that there are some of them that do not. 


CANADY: Mr. Blaze? 


BLAZE: Sir, I'd just like to - from a technical perspective, the answer is like most subtle technical 
questions. It depends. 


Die problem with a system like Carnivore, from the point of view of complexity, is that it has to be 
general purpose; it has to work under a wide variety of operational conditions; and it has to work to 
collect a wide range of kinds of information, depending on what the court order is asking for. 


Some ISPs may already have in their network, for example, logs of information. They may have for 
example, port replication capabilities on switches that allow' them, much more conveniently than an 
external tool, to collect the kind of data that Carnivore or a Carnivore-like system could only collect 
with some trouble and with some difficulty assuring yourself that it’s operating correctly. 


In other cases, there may not be the exact capability required, so, it depends. 


PERRTNE; Ifl could just add — if the equivalent of Carnivore were available in open source, that would 
make the ~ that would lower the barriers to entry for the smaller and less technically capable ISPs to 
provide this information. 


And I think that this is something that is quite feasible. It's not a six-day project, it's not a six-year project 
it s probably on the order of I think maybe three to nine months at the outside for the open source 
community to reproduce large parts of the Carnivore system. And that would make it easier for smaller 
ibPs to provide this mforroation themselves. 


DAVIDSON: Could f just jump,.. 


CANADY: Mr, Davidson, sure. 


DAVIDSON; Perhaps part of the problem in coming up with an answer is that we don't know exactly 
what Carnivore is doing. There seems to be a certain subtlety of analysis that the FBI is seeking. And 
perhaps the FBI’s interpretation of what numbers dialed on a telephone is, in terms of extrapolating it to 
the Internet, might be different from what many of us would think it would be, J 
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W h ^^ eb - l «xis-ncxh.coOT^.un^d5^)lKO05a453?9276f5fac72B : r6fa4# 

St"’ tao^tatS^'to' q "' Sti0n ^ * h " te 1SPs - *> «*“ Carnivore does until we, 3 
CANADY; Well I understand that. But I also understand the FBI's problem with making the 
SS'SS' 1 may that »»>* ***P —« product C could t used to fte‘ wav 


m the way 


^^^^alc'th^you ^o^flo^d^ogqiKaiwisfiom^^mraittee and 

And I recognize the gentleman from North Carolina, Mr. Wait 
WATT: Thank you, Mr. Chairman. 


And m the interests of time, HI tty to be very brief, too. I've got two technical questions also. 

Am fmSak^n p ?j slbibt >' °^ in S something similar to Carnivore on an open source basis 

to *1 -«f P^f Wouldn't that, in effeS mSe 

Carnivore syste^s^lM^^^^lo^^^o^yvflolenfM?' 11 ^ ‘ ”* “ “ Radte aaCk m<1 »“* « * 

SlS y^iR^ 1 ! •”» °« ** Carnivore appears lobe functionally similar to 
today. He special S th^^d r^,2*“‘“ g SyStera ; &ee operatto e S >' SK ™ 

ffi^goulU^ 

and also that it can monitor higher speed networks. And I believe that that’s nrobablv Ln a u U L 
of the proprietary code is is in the very high speed monitoring probably where a large part 


^nho b tS|. Ve thSt Uiat ' $ Pr ° bab1y Wh8re 3 large part of tfie proprietary code is, is in the very 

But, as other people have mentioned, the idea is to neck all of the large nines .-in™ in • . 

5SBT ^ ** if ' *“ » - d0 ** *» <k'y d »nt need S SSbl^TSST 

And I drink Matt has... 

nitbif « l— S ; 1 address , ed , some oCthls in my written testimony. But the important noiM is that then's 

F f ° U i ^ e > asic ^tonality of network sniffm. Ifrey’re m 2SEto5 used bT 
anyone who has to administer a network, such as an ISP or a local ir <»3 t I • . * used r^ 
are common place; they’re widely available. ' rl admmistrator - These tools 
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sstfsass£sss55S?^^ 

don t pro\ ide additional interception capabilities, bnt rallier provide these Jeeal assurances and chains of 

aid “b“d%^ ° P “ “““ W0UW b ' nefi ‘ gr “ ,y *>”” *“* to ' provide any'g^t 


WATT: Mr. Baker, it looks like you... 

h&V -n f *f y 1 “k&e FBI is right on this. If you publish exactly bow you're filtering this 
JSSwmeS? ° Wnte th6Ir e ' IBS!l addr£SSeS tod s P° ofth ^ addresses m ways to afoid that 

It’s really not the best idea to publish this. I think the likelihood that the public’s - the open source 
community is gorng to embrace Carnivore as a project is about zero. There are Going to fee vSy few 
benefits from doing that and a lot of costs. b h 10 DC verj IeVt 


S°»i?fi eV j re m ! s f d an l ssuc { | iat 1 want t0 not have him address because he’s already 
matbe K tec}u ” cal ca P a 5 i{ >' address it, but Mr. Blaze and Mr. Perrine and 
remotely^ ’ >b M * S h * M Com ' Revere ra,sed the Prospect that Carnivore could be accessible 


1 tltink 1 understand what that means, that you could - the FBI could sit in an office somewhere else and 
m^Revem?^ 111 ^ mant P u!ate « from some remote location . That’s what you intended, Mr. 


CORN^RE'VERJE: Tliafs correct 


since Mr - Cm * Bm docs "' 1 «* 

PERRINE: Actually, I believe that is the case, 

WATT: It can be remotely... 

PERRINE: I believe that is the case, 1 had a very- limited time to see it, but I believe that is true. 
WATT: Mr. Blaze? 


answer 


precisely whS wi P ^wVm * ? b * md necessU >’ to be reraotely controllable and configurable is 
SotenrSlv tfinf ! h co f P uter sscunt y community, are made very nervous by. That capability 

f ro impkmeTlted ver >'» vei >' carefully, could allow an external attacker - third party -■ to 
gain control of the system and potentially do quite a bit of damage. party to 

WATT. Mr. Davidson, Mr. Sachs, if you'll address that same question quickly. Til leave everybody else 


^ of 
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Carnivore machine is going to be out there accessible remotely means any hacker can get into a system. 
If they could get into the White House and hack that site, they can get into an ISP through Carnivore. 

g ?n configurations remotely to the extent that it's possible, I mean, I think 

inSSSE™ nfil K & ? { d ^pefUjly think exists where an ISP at least is in some ways an 

intermediary of how the device is deployed. And so that raises another concern, 

WATT: Thank you, Mr, Chairman. 

CANADY: The gentleman's time has expired. 

The gentleman from Alabama is recognized for five minutes. 

BACHUS; Thank you. 

a ” y ^ifaiethat any of you can think of why electronic mail or information traveling over the 
pnvSe maii? d ***** **“ protectl0n lhan > say ’ 3 P erson ’ s telephone calls or their faxes or either their 

■4 

: N °' T ,° the . contrar y. I think that in fact it should have at least as great a protection as we 
currently give to voice communications for example in Title III. There's a crying need reallv for the 

of nm?cvthaf I thl f e .f ,C oinmunicati ons Privacy Act to bring it into line with the expectation 

tf privacy that I think that Mr. Nadler suggested and that most of us have. P 

our mosTnrk'stP^ Xwuf °Y m °f !m P ortaot communications. Involves our most sensitive data and 
our most pm- ate thoughts. And we do need to bring, those into line, 

SrnstnS^nli 011 " tfI **2 forjUst 8 second ~ the administration, I think partly in response to the 
Carnivore controversy, made some suggestions the other day. Mr. Podesta made some nronosak In mv 

loSthat 6 g ° ne ° Ugh th0$C proposals in some detai! ' W“» y<>« get a moment, I urge you to take a 

TweiMn?t& S S!^ iS “1 P oin |* 115056 proposes are not a solution to the Carnivore problem. 

whSfffthS it ^ * c ™ a PP^g ^ws, doesn’t get to the heart of the Carnivore problem, 

wmich is that it is a device that does allow the FBI to filter through, potentially to canture hove volume 

of communications, most of which are completely unrelated to the target of ttie investigation 8 



force a service provider to install a device like Carnivore. 






i 

authority to 
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BACKUS: Mr. Davidson? 


DAVIDSON: In the interest of time, Fd rustlike to sav ditto And 4 dd«n*nAW *„u;~u • <u . 
really Just the tip of the iceberg here. } ‘ And add one P om( ’ which IS th « e-matl 


IS 


toW.^f*«5?* part °- the p0mt 1 **! t0 m2ke k that the home has explored; tilings that we used 

°f 0nt0 a netWOrk ' Mdms is a *w«> ftat's only 

S^S2SSSS?SSSSi5SiSS^^ ^o«t ^ &n« 

greatly diminished I SSit-l 1 ff ^ *H ! ^.ofj protection is has under the law is 
Sth that ^ ^ & 1 7 h aIknge here for Uus Confess, to think about how we deal 

=SSSj^^£5;SESS'SSi3.1. t 

Anyone else wish to comment on that? 

I read a question to the first panel which was that you can’t go to the AT&T and sav WeVe mhn ir. 

sys,em - 1 thai ' s “*• ■*«*» &>■* *> lu, isn't 

devi “- thc kW ,ta Mr ' ^SSSSS. - -Ha, 


susSvbuHt^lSl ^ thS ! f ga ^ asis for doin « that to *» hitemet sendee provider is at least equally 
suspect, out it may take an act of Congress to clarify that point. equal ly 


BACH11S: I think clearly the marketplace and technology has outrun the law and m dnin* ™ K ac 
our legal protections that have been in the law for years * W domg has 


; overrun 


experiences, what procedures are typically followed to notify customers 

^ at ! s a ver >' mixed bag. And it depends entirely on the policy of the ISP Some TSP* have a 
policy of sending notice, others do not. There’s no requirement ene my 22o£t 

« £?, ^ The 8<,Vemm “' P,0iMy Sh0 "“ *» ««Nl i". “tar titan 


BACHUS: It’s my understanding that what they're saying is they don’t have 


to give notice if there’s a 
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expectation that if they gave notice the communications would stop. And I think in eve-rv «~ 
here they gave notice, it would he a reasonable expectation that the communications would stop, so. 


^«f«^nce S , we have delayed notice, and I think that that s 


serves a 
“ At least 


CANADY: The gentleman's time has expired; 

The gentleman from Michigan, Mr. Conyers, is recognized, 

i 

C^NYBRS. % ^1, 1 begin by thanking this second panel, because this has served as a very important 
corrective for what we were just told for a couple hours earlier. And Vm sorry to hear tha?w7S?to 
move very rapidly on tins lustier thf* jr4r>/*i* *e ^ ^ 


we're going to have to indulge in F P 101 3 ,BUCB aeeper mv **'8*ti<m *&* 

Let me thank specifically, though, the American Civil Liberties Union because thev in addiHrm n,;<. 

And so I'm glad 


Is there a feeling that we should probably try to require that notice be given to those who are the nkieetr 
of a trap-and-trace measure, or is that getting a little bit too fine - cutti J 

requirements on the Department of Justice? ung ioo ttne a line ui the 

Mr. Cora-Revere? 

OQK1WIEVERE: Well, let me just address that question in the context of the previous one and that » in 
the ease of an ongoing investigation, like with the trap-and-trace order the ISP is exnresslv 5 

mv estigated, then the communications wall cease. So there's no notice before the fact. S 

be ( T V ?f e a l } f st t0 chail 8 e *e law so that anyone's who's been the target of a 
surveillance be notified after the fact, as currently is the case with respect to a Title.III intercept order. 

?J¥PaS? : 1 v T ld juSt - add ** 1 actua{5 y ^ink that there are two more important thmas for 
Internet. secona 18 waning what trap-and- trace and pen register mean for the 

Sp" 

because there s no reasonable expectation of privacy on that information. ’ 
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Smith S?lSKMdUrtSXS^l^&'Tri ,i U"" r re rcally <ta ‘ address ■«. 

co« had to id j£ 23? UK to»S ny ' “ s ,0 » hai 

hear sound. They disclose only Ihe teSrae eSSI TTTff 4 ' TheK devlces do "<* 
Mmmumoato. Neither the report ofly communicate hS fte tSta-’Ste^SSfeall 
their .dentes, nor whether the call was even completed, is disclosed by pS retire P ° f ' lhe CaI1 ’ 

s from tlie kind of information thafs acquired with resneer rh 

of many othe?Sl w?h e-mtolXelSy,'if yS'ahto to geuK ^>ES 1° d f“' S 


“sM'ScOTtet’of a M* tosw SnZ a S* le °r ia com P lcK1 >' different from what 

ag 0 . oi a pen register when the Supreme Court addressed those issues some 25 years 

fx^SteiSSfo^S*’ **■ COn5,m - ,hmk y °“ f “ »•«««** fc «» ACLU. i'll 

* «« now for law 

d^« onitf« i?s cSSiST i gssr, i>a ? nce u,e <“*»• »•**■ *• 

a changing, because, as new technology comes on - a£ tte™ 53SS , ’ *? a com P lex ’ 1 «f 
of assurance that it may not he as big fc i, secntsto bSftffiS&SS! 5S2ft‘MSSTT r WOr<IS 

(CROSSTALK) 

CANADA : The gentleman's time has expired. 

And the gentleman from Arkansas will be recognized. 

HUTCHINSON: Thank you, Mr. Chairman. 
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to^/iwWal^na * 


wfl^f f b ff * during SO ? e of tWs testim °oy } but I want to assure everyone that I've read vour 

present during£p?eS paS tSSr TSdVd “ m*? * *f A ^re probably was 

perhaps Mr. #tS5 P tetrmony, and Idjust hke to ask a genera! question to Mr. Davidson, 


fr^whaU Sered" tomtits ° f ^ ^ 0US pa - ne ! ? Mjmi like t0 ask a taction as to ~ r mean 
Carnivore po|am is P TOc^de7by 15 *’ ** 01 * % eve ^ hfe 8 though to the 

&ere s ^ u J d be sorae ^dependent review of the source codes And 
i mm mats something I had a discussion with them on - you know they’re suWHtoaTt* «,im . 

“odd bo soloupe otonXs 

(o .nunimize it. And so, if you could just commented whether you diw^ee oi^^y ofthose^o^lusiOTS? 
Mr, Davidson? 

thtoktofSS st f* h ? * a >> ng ; 1 , think some of those things actually sound good And I mean I 
think the idea of trying to mmiimze inforaiatioo that’s collected in -t mmivt Tf^t-11 , 1 

surveillance is a good tiling. coiieuea in a context of an Internet, you know, 

HUTCHINSON; And how wou!d you suggest doing that? 

1 1 “* is ‘?"y good one. [f thore oeod, to be , 
opening it up to the public. P P here ’ that s not die same a * d * wouldn't be as good as 


jr ■; — ** z * f,vaxw » w ^u i wu i uuuK n cm oe mat usemi a iftht* hvA 

£S2 5 SSTtoT g0 h d can if be? ** ^ Sat - 

group in here for. P g P 6 ’ But maybe that s what we ^ get an Independent 


I think, but > you know, from a greater point of view, there's sort of thk i*™# u 

this desire on the part, I think of law enforcement to be able to extrapolate everv current esnltomtfVv 
pen registers or trap-and-trace orders into the Internet world Th/> rJL ic *i> * ent capability, like 
them don’t translate very well. W ‘ ^ f 1S ’ that when you do *at, some of 


Pen registers is probably tlie example we’ve talked about the most here. When 


yon - we don't know what 
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tkcy .amt fa the Internet world when we tty to extrapolate them, we get a tot more information... 
(CROSSTALK) 

HUTCHINSON. \ou suggest a higher standard for a pen register for Internet access? 

Absolutely a higher standard and a clearer definition of what it meam Rm j o,i„. *u « 
got to be an understanding that some things thev're coins toTiS r “ <? 1 ^ there §- 
capabilities that the FBI is petfintf at! thf. i S°mgio De ante to do - 1 mean, there are new 
“ < 1 1S gettuig aI1 5he tim& > because of the sea of information that’s out there. 

2£SS8m m?*Tsomfo^^^ «*« !» ».vo to bo a 

hot necessarily a horrible thtog. There's goingto be tots of new took ‘tor faw , eSeSus f eh.'""’ B '‘ 

HUTCHINSON: Mr. Steinhardt? 

' h ‘S <,vernment P»«l nrised mote questions than 

Carnivore is. lea’s! a, So mS. STS he taotato„'S 8 f ‘ *>* «? oni >’ «*» «* 
interception of e-mail. a m implication was to be primarily used was the 


demonstrSI; fofeJai£Sr™bers ofthe press ?“ ° fth °* e - 

Carnivore, that it is capable of analyzing and potentially mterceotine far mnrMb - en ? onstrat mriS of 
a whole range of Internet protocols which Carnivore is LnS 5 ? n n } e ’ raaiK T1iere «e 

to those here today. is capable of filtering for. Ibere was some allusion 


HUTCHINSON: Could I interrupt you here for a s 


second? 


STEINHARDT: Yes. 


order that testrems the use of gathering techniques, .tad so there's almyTcoSiaces to ttal ““ 
taiK”SYcourtTrdeT y ° f ,hcse be abuKd ' “ d lhe !' «uld gather more information but they're 


STEINHARDT: No, no, perhaps I wasn’t clear Congressman Hutchinson. 

“ sh 15 *”’*• bec,use 


re — we need to 



\6M7J 


ft 7& 
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gotten fifes through the file Transfer cSSSSTT ST* ?,f, case 7 had 
Question, but I think there are serious question about whether or not exktxnv law « **? m ^° 

for example with a trap-and- trace order S mg laW pemj,ts them to 8* that 


HUTCHINSON: Thank you. 


CANADY: The gentleman’s time has expired. 

The gentleman from New York, Mr. Nadler, is recognized for five 
NADLER: Thank you Mr, Chairman. 


minutes. 


I have a senes of questions. I hope the answers will be brief because of the time limitation. 
fcS IfeSSte 2S” is .. kW ?f «i®» that there are mar 


(here So. you could have a 

SwSncd? *" 3 S ° m ofinfOT * ,io " ''iotatoS people's privacy and how woSld we know £ it 


has happened? 


S ^wSKffllavoX'Sihlm o 8 ff,r K, ” ly “ vai,ab . ,e “ ifr “P(0g(em » violate some one's 
tile hart part, getttag the sSftiva “to dfthScepSn " 0V ' r th3! ,rafiic fl ‘ nV! ' Tha, ' s 


NADLER: That's what the FBI is 


BLAZE: Right. 


us to let - to mandate the ISPs to do in this case? 


NADLER: OK. Thank you. 

And!^ accessibility of the FBI - of the 


Carnivore system. 


> change evidence and implicate so 


a motivation to do 


BLAZE, ’ft ell, the answer to that depends on the security of the remote access mtpm re to, ~ , . , 

m a secure manner, then the chances of that are very small If it’s X lfjts «np 5em ented 

then the chances of that become quite great... V ' U * s ™ plemented m m ^secure manner. 


L t£ 3SS r me ’ Iet ’ s as * ume 11)31 11)8 P° lk « were under some - we know that this has hatmened 
Xei^e StThd? S ™ d f 5 on, ' 1 ? I ? t pressure to solve some heinous crime and ftey 

S ££SnlV" 8,VC “ llWe ra0re evi<,e ”“- C ™ M «*T <® the Carnes to. is 
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^ ^^Jexb^WKlMO^ 

&e aUditS “* iropkmen{ed m<i “ 0110 of reasons that open 

NADLER. So, the answer is yes, unless you put in safeguards to prevent it? 

BLAZE: Yes, that’s correct. 


6fa47? 


NADLER: OK, so we’d have to stake very clear that. 

/ 

*£ yo " say ">« S»A He _ whatever 

« only be issued on the teis of an K*" 

to believe that the target of the order has or is about to coLito )fth H e 1S reaso «able cause 

the same thing as probable cause, or you mean something difflfentT B reaSonable **“*• >* ou raeao 


STE1NHARDT: Well, it a slightly lesser standard that probable 


cause. 


SfflC £S5?S£^^ »Ss; t t ta ' ma Mbm 

disaetomOT down He SS^T^S Si? ,1°™ !,?S p f? ?«‘tiflfa , ion; the judge has no 


ge has no 


reasonable expectation. 


wheto people do have . reasonable ’ZZSZj&XS S£3£ES, , 


•' cause 
you 


NADLER: And you're suggesting that for the Internet. You're not suggesting that for telephones? 
STEtNHARDT: We believe - no, we are suggesting that for the telephone context as well. 

ea^mion^Tpri vacy is^ Ha^ the^preme Owrt se^ed to thinlfft w^s’yTaR’ag’o? 

‘ STEINHARDT Yes, I think dearly it is, yes. 

NADLER: Why do you say clearly it is? 

reasonable expectadon of^fac^in the numbers ^Tdiai'and iff t0 Jeam lh ? { the >' 41011,1 have « 
common sense. I think the Supreme Court decistondeffes co^non ° ^ 1 thkkthat<s 


NADLER: Mr. Baker wants to say something on this. 
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been due that you couldn’t teH whtttenhe ca^lvvas comok^uhT wrote .? 5 3*“* a 8°> »* might have 
course ofCALEA, the FBI has Sd on flSSdSS^SSf 4 * hat W2$ Said , 3nd the «*»• Butin the 
gathering about calls other thS Sen? nS 0 an ® no f m ?«s amount of transactional data 
iong yotf talked, whethenvw^vi^^n^lTwairin^ trap-and-trace orders: how 

NADLER: Whether it was completed at all. 

i; 

fa ““ ^ *°‘ off "> «“• information would be pat. of a 


KADLER* On telephones today, which was not fee ease and may in fact — so the n *+ *r - 

fa™ « dS, ^ mighl ““ ,0 '» today b«“ efc 

dSm^Stat! A^dConross XptSraVv ^“ k fa 3 <e !?> phrae cont ' xt - <wt*My ir 

Congress s« the S,and ” ds fcr «** 


md?oS *i ! P“«l ta patrol in particular 

un trammeled discretion, and we cannot ahvavs »«»m?n^' Sh ° ^ p0 ice a ® encies can not be afforded 
protecting people's privacy * V aSSUme ^goodwill or even their lack of mistakes in 

CANADY: Hie gentleman's time has expired. 

»h 

The gentleman from Georgia is recognized for five minutes. 

BARR: Thank you, Mr. Chairman. 




SACHS: That's my understanding, correct. 

BARR: And no supervisory capability whatsoever? 

SACHS: That's my understanding, correct. 

aS l!htt!h did **i ^ ow if did me md I ^ink it did Mr. 
waffle just a little bit - that, in virtually eve^lnstance the^nlv S™* ?°?f h th ^‘ ofcourse ’ aKva >' s 
last hvo years in which they used project Carnivore was rinralv £cm?J?hfrcfp " 5 U! l^ tances over the 
could not satisfy them that they could provide the informaiiS^ 
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FBI Is Pressured ® 
To Discbse Codes 
For Carnivore 


DATE 

RAOlfAE^ 


»V Tet* Btmus 
" f T,MJ *'*>■>• 

l J^! GTm ' Tbe Fecfcr;U anwut of 
in dkrtm T JS um!er increaslngr pressure 
So ^setose I he secret blueprints for its Car 

SSSSr^ Wtom so independent 
? pem can verify that the soft- 

« ^ °7’ !,le Mwi * f wtnnumi. 

cations of criminal suspects. 

rev-Sf «F 6885 10 MS such 

dosfw Mm B io !C a s dis- 

the softwares source code would 
ate hackers to find ways to defeat the 

aSSo^iSf^i*^ argll{? tM smh 

a oisetare could violate copyright protect 

nf°^f^ eCaU fL Carnivore Eludes portions 
me «S*f towt a product licensed to 

ttiegaverament by an unidentified vendor 
^Congress « expected >o press senior 
FBI officials on the subject at a hearing 
today before a House Judiciary Committee 
M led by Florida Republican to 
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USA TODAY 


Today's debate: FBI and Internet privacy 


rm eavesdrops on e-mail 
crashes privacy barriers 

1 DTIIP* 


Purview: 

%en<y says it targets criminals. 
History says it cant be trusted 

p*e FBI has a knack for concocting colorful 
code names for crime-busting toys. The iat- 
est is Carnivore" — an eavesdropping device 
that devours private e-mail and spits out in- 
teresting parts for scrutiny. Not just crimi- 
tiais* e-mail. Anyone’s e-mail. 

The FBI already has attached Carnivore to 
. e ' ma " hardware at some internet ser- 
vice providers. Trough it won't say where 
the FBI says, the tod has been used fewer 
than 25 times. Once it's in place, Carnivore 
acts as an unrestrained internet wiretap 
snooping through every Internet communi- 
cation that comes within its reach. 

The House judicia ry Committee will ho!d a 
hearing today, at which it will ask the FBI to 
expiarn its actions. But in the IS weeks since 
Csnsvore was revealed in obscure congres- 
sional testimony, the bureau has evaded an- 
swer about both its capabilities and pro- 
posed uses. The bureau won’t answer even 
ttre most basic questions about whom the 
technology targets'and how it protects the 
pnvaqr of innocent Internet users. The po- 
tential for abuse is unprecedented* 

* W* 0 * ^ intended to rifle 


► Why. The Congressional testimony that 
revealed tire existence of Carnivore also dis- 
closed two other systems used by the FBI for 
; purposes: "Omnivore" and "Ether- 
peek.'* Why weren't those revealed earlier? 
How many times have they been used and 
for what purpose? 

The FBI's response to those questions is in 
i essence, tmt us; weVe ordy .after oiminals 
and terrorists. But even a cursory glance at 
I law-enforcement history shorn tliat prom- 
ise cant be trusted. Hie temptation of gov- 
ernment to coiled: and misuse mfamiabon is 
irresistible. (See box.) 

Further, the FBI shows no inclination to ex- 
ercise restraint In every aspect of eledmnfc 
private - computers, the internet and cell- 
phones - it has pushed invasiveness to the 
technological limit: 

*• in 1994> the FBI lobbied to have back- 
door access installed in every new computer 
to ease electronic snooping, allowing the FBI 
to defeat security. The plan was dropped af- 
ter the National Academy of Sciences deter- 
mined such access would make all comput- 
ers more vulnerable to illegal break-ins. 

► in 1995, the bureau asked for the capa- 
bility to tap as many as one in 100 phones in 
major ci ties, it backed off only after a public 
outoy. Lacking such technology, no totalitar- 
ian state in the world is that invasive. 

* in 1996, the FBI proposed liberalizing 

frhA wwirt- rtf ^ i. * i 


through potential criminals' Internet traffic ►WmrITS * ** m ! astve * 
after police obtain a court order. But the 2 * h m f the m . P roposed 
fives the FBI tire ability' to track not i JtS J* export of encryption programs, but only 
individual named in the court onto but also fof -- npanies ti,at ‘ under ? Dlift orrfer . make 

everyone who uses the same server at the availabte tQ defeat the privacy pro- 

Interoet service provider. At America Online graffiS ' After wo fe£{erai c 011 ^ sh rock down 

fe- example, that would be thousands of tbe P ro P osal > tbe administration gave up. 
people. What's to keep tire FBI from snooo- * ^ tbe ^ wef!!: *0 court to protect 

ing more broadly? Only its own assurances. a P^ n tbat wuld alfow cellphones to be 

► What Coverage so far has focused on used by P° lice t0 kote tire positions of their 

ore surveillance of e-mail, but a program U5et5 ‘ *^ e case «* court today, 

that can snoop through e-mail can te as * Today, the thin answers the FBI has 
easily eavesdrop on Web surfing sink the made public about ^ rnivore «&e mere dis- 
information travels in similar fomis over the turt>in S questions. An explanation of Canrsi- 

same servers. Wliat information wili the FBI wre m the f®’* Web site casually 

colfert about the sites people visit and even discusses the electronic surveillance 6f an 

tthe ads they dick on? o*we “facility, ’ without explaining how 

j * When. Tire FBI admits that Carnivore is broad such e-snooping oouki be. 

jmoie invasive than a conventional ohone 1 fc ead »^ e . tiie FBI gets eonwiience. The 

J itap. Yk it faces no more restraints than tWse 1 P^S^ts government intrusion on a scale 
that protea telephone conversations, which ‘ uae ^ ua5ed ^ constitutional history. Abuse 
are themselves inadequate. Since Carnivore ‘ ^P 3 ^ & less-cfosely watched law 
t$ a greater threat to privacy*, shouldn’t there J enforrcmenJ a S endes Payback on tire 
tre more restrictions on when it*$ used? j technology. 


{ enforcement agencies piggyback on tire 
{technology. 
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E-snooping grows 
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FBI fumbles privacy 

The FBI has a long history of violating 
the privacy of US. citizens, often with 
political motives. Some examples: 

► 1956: The FBI rifled credit files and 
criminal records of 43 ordinary Dela- 
ware citizens called to jury duty m a po- 
litically sensitive case. Many also were 
investigated for ties to the NAACP. 

► 1960s: FB! wiretapped Martin Lu- 
ther lung Jr. to gather damaging in- 
formation on extramarital affairs. 

. *■ 1970: FB! sent damaging informa- 
tion on NAACP chief, Rev. Ralph Aber- 
nathy, to Vice President Spiro Agnew. 

► 19S0s and '90s; FBI kept a file on 
AIDS activist group ACT UP and its 
planned protests. 

*•1993 and *94: Tire FBI "inad- 
vertently" released files containing un- 
substantiated allegations on numerous 
Republicans to low-level political ap- 
pointees of the Clinton administration. 


Attorney General Janet RencT saw last 
week that she intends to begin a thorough 
review or Carnivore. That’s a positive step, 
but it’s hard to understand how Reno 
wouldn't already have a Complete knowl- 
edge of the tool since she is tire head of the 
"President’s Working Group on Unlawful 
Conduct on the internet," which just com- 
pleted its report in March. V 
The Clinton administration greeted howls 
about Carnivore's reach with a proposal to 
update electronic-privacy laws, although 
congressional Democrats say the Mil has no 
chance of even being voted on this year. 

The time for such updating and review 
was before Carnivore was used Carnivore 
needs to be shut down until an outside re- 
view of its capabilities and safeguards is 
complete. And the Internet companies that 
willingly complied with the FBI’s use of tire 
technology in the past need to come forward 
and inform individuals whose e-mail the FBI 
“filtered" 

( Of course, taw enforcement agendes can- 
, nor operate without ways to monitor the 
, modem communications tools of criminals i 

jaretyonerfreapifority. 
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£ '! ^ °f Hw innocent to be free from 

Vi> f government intrusion should not be com- Visa/ 
promised to make fife easier for tire FBI Unt il 
the bureau can show that its new technology 
poses no threat to the public. Carnivore 
needs a starvation diet. 


Technology used narrowly 

Op posing view: — — 



By John L Colimgwood 

First lets get the facts straight. The FBI 
and all other law enforcement agencies can 
intercept e-maiis only pursuant to a court 
order signed by a judge who is satisfied t hat 
the government has demonstrated probable 
cause that a serious crime Is being or has 
been committed, that the e-mails wi be 
about that crime, and that the interception is 
necessary to obtain evidence about the 
ctime. 

Conducting an intercept beyond that is a 
federal crime subject to severe criminal and 
civil sanctions. Hie entire process requires 
continuous reporting to a court and, of 
course, ultimately is subject to vigorous chal- 
ky by defense attorneys. Even when only 
address information is sought, a court order 
is still required 

What does "Carnivore" do? In the simplest 
toons, it ensures that only the exact comma- 
notions authorized by the court to be in- 
tercepted are intercepted. So, for example, If 
a court authorizes only the interception of e~ 


mail to the exclusion of all other communi- 
cations, regardless of whom send s them a nd 
where they are going. Nothing else is mon- 
itored or collected, and everything collected 
is supervised by the court 

When is Carnivore used? It is used only 
when m Internet service provider cannot, on 
its own, effect the interceptions consistent 
with a narrow court order. Accordingly, it has 
been used very few times, predominately in 
terrorism cases. 

In 1968, Congress spelled out ^tricf re- 
quirements for imerceptions. Carnivore sim- 
ply ensures that law enforcement agencies 
comply precisely with those requirements as 
technology advances. We understand why 1 
certain segments oppose this court-super- 
vised technique But since 1968, because of 
this law, many lives have been saved and 
thousands of drug, dealers, terrorists, child 
predators and spies are in jail. 

Hie chai rman of PSINet laid out the appro- 
priate challenge He does not warn to see 
Carnivore on his network unless vve can 
prove It collects only the traffic from the tar- 
get of a court order. That, of course, is pre- 
cisely what Carnivore - does, electronically 
protect the privacy of tho&e not subject to 
the court order. 


mail from a particular drug dealer to another John £ Coli'mgmod is an assistmtdirectw 

drag dealer, thts system captures only that e~ of the Mem! Bureau of investigation. 
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July 24, 2000 


Mr * Brian Gal 1 agher 
Editor of the Editorial Paqe 
U&V Today 
1000 Wilson Blvd. 

Arlington, VA 22229 

Dear Mr, Gallagher: 


In response to today's editorial about "Carnivore " 
again let's get the facts correct, 

PSA Today rightly points out that "law enforcement 
agencies cannot operate without ways to monitor the modern 

communications tools of criminals" but then questions who 

should ensure that privacy is properly protected. The simple 
answer is the same as it has been for over 30 years- -federal 
judges All of the federal criminal and civil sanctions Jnd 
juuicial oversight that apply to wiretapping and have ef fee- 
lively protected those not the target of s court order apply 
to the use of Carnivore to intercept the e-mails of criminals 


, Unlike as the editorial reflects, howe'ver, Carnivore 

aoes not snoop through every Internet communication, does not 
spit out everyone's e-mail, and is not an unrestrained Internet 
wiretap. Court orders authorising the intercept of criminals* 
e-mails come only after rigorous review and the conclusion 
that there is probable cause that a crime is being or has been 
committed, the e-mails are about or in furtherance of that 
c P me *-ke intercept is necessary to gather evidence about 
the crime. The orders are specific as to whom and what can be 
intercepted and then the courts supervise the interception to 
ensure compliance. Evading those court orders is aseribus crime 
which would, ot course, produce absolutely nothing of evidentiary 


Finally, the editorial says the "Bureau won't answer 
even the most basic questions about whom the technology targets 
a ■ how it protects the privacy of innocent users," Contrary to 


1 - Mr* 
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Pickard 

Kerr 

Parkinson 
Col ling wood 
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Mr. Brian Gallagher 


that assertion, however, the FBI has shown the system to and 
answered these questions for dozens of people on Capitol Hill 
and over 30 reporters representing 25 media outlets. USA Today , 
of course, was invited and today we are anxious to present it 
at an open hearing before a congressional subcommittee. We are 
arranging for an independent review as well. 

' Sure Carnivore can be controversial and clearly is ill- 

named. But it is used only pursuant to court order; has been 
used sparingly, predominantly in terrorism cases, and then only 
when an Internet Service Provider cannot on its own comply with 
the court order; and, when used, collects only what the law 
authorizes and the courts instruct be collected- -evidence about 
serious crime that cannot be otherwise gathered. 

Sincerely yours, 


John E. Colli ngwood 
Assistant Director 
Office of Public and 
Congressional Affairs 
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Carnivore might sound hu a 
particularly violent computer 
game, or perhaps a movie that you 
wouldn't let your t^year-old go 
see alone, It's actually a proj- 
ect of the FBI which, de- 
pending on your out* 
look, is either a threat to Jflr 
the privacy of all Aroeri- Hgsr 

cans or a useful tod in 
fighting criminals. 

The unfortunately named 
program (the FBI fits been trying 
to come up with something else 
since news of its existence 
broke) is an eaves dropping de- 
vice headed in a tangle of elec- 
tronics the size of a laptop. 

The agency wants to deploy Car- 
nivore boxes at the main comput* 
ers of all Internet service providers, 
to provide an efficient way for the 
FBI to conduct coon-approved 
wiretaps on e-mail in an era when 
all rommunotion, lawful and oth* 




mvise, is going digital. 

Since word of this hit during con- 
gressional testimony the nation's 
privacy advocates have been out- 
raged at the Idea of the Internet be- 

n |ut 'M not just activists who are 
up in arms. So b the Republican 
leadership m<t?r^ess;4feuse-Ma*- 
jority leader Dick Armey of Texas 
has attacked Carnivore as being il- 
legal under current wiretap law's, 
and the Constitution subcommittee 
of the House judiciary Committee 
held hearings Monday to look into 
the matter 

Now; privacy' advocates have 


ty Qw(*> 7^*0, U4A T004V 


been fighting for years to protea 
our information from prying eyes. 
But ifs fascinating to see everyone 
else getting into such a lather over 
a system that - unless die FBI is ly- 
ing through its teeth - is very lim- 
ited in what if s allowed to do, 
-Tn ^-perfect* world. 1 might be 
concerned ahoor the idea that were 
1 the subject of an investigation, the 
FBI could monitor my e-mail But 
agents would at least have to go be- 
fore a judge and get permission. 
And even at the height of govern- 
ment surveillance during the Mc- 
Carthy era. the number of people 


eiife 

By Elizabeth Weise 

being monitored numbered weS 
under 1 mtlfoa 

That pales in comparison wish 
whafs already happening with 
every keystroke we make as we 
wander the commercial Web, 

, Many sites record every 
|k search made and every 
mouse tkk buMng up a 
defiled dossier of interests 
^ and surfing choices, whkh 
they use to target the ads 
that appear on our screens. 
A fair number also “bug" 
■V their sites, scattering invisi- 

J ble cookies that our brows- 
ers pick up, allowing that site 
and others to share informa- 
tion to create an even more 
specific portrait 

<*** In addition by linking to 
outside databases, It's pos- 
sible to attach that portrait to a 
name, address and personal data, 
including what stores you shop ac 
what you buy and when you pay 
your bills. And let's not forget that if 
the company goes out of business. 


It can try m auction of its 
to the highest bidder - th 
government we so fear is 
on making that legal 
All that t $ bad enough, 
rntm compared with w 
happen when the Vkh ; 
less and we aH begin acc 
e-mail, bank accounts ar 
funds from cellphones, 
thought a cookie or two 
trusfre, wit till everyth! 
is finked in real time toy 
number and exact pbysi 
tion, as cellphones soon w 
This isn't to say C 
shouldn 't be carefully mor 
that we should mist the 
because tt tel is us to A just < 
dersrand why so many of 
pie up in arms over Cara 
against passing any kind 
protection for consumer 
online, saying the industt 
velop only if it's left to sel 
When it comes to the 
my personal tnformatio 
the government which is 
stria laws, a whole lot roo 
trust multinational corpon 
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FBI defends e-mail surveillance tool 


By Kevin Johnson 
USA TODAY 

WASHIMCTON ~ Peppered with 
questions from skeptical lawmak- 
er, tfeBl^d lovvii concerns 
Monday that its e-mail surveillance 
program known as “Carnivore" 
coold be used to eavesdrop on the 
Innocent 

At a House judiciary subommir- 
tee bearing that seemed to capture 
ton the promise and pftfafe of 
<»w technology for law enforce- 
ment, Assistant FBI Director Donald 
Kerr defended the program as a 
useful tool for agents. He said any 
surveillance done with the Carni- 
vore program Is limited to those 
suspects named in court orders. 
Critics, including an unusual co- 
alirion of conservative Republicans 
and aril liberties advocates, have 
complained that the program could 
he used to do broad surveillance. 
Their fear stems from the way 


the FBI implements the tasmet- 
wiretapping system. Carnivore 
works through a suspect* inreroet 
service or widen such as America 
Online, it allows tm*esdgiat0f$ to 
identify and view a suspect's e~ 
mails among aH e-nuBs moviiw 
through the providers system, 

Critks are concerned about giv- 
ing law enforcement access to the 
e-mails of innocent people as well 
as suspects. Although Carnivore 
can retrieve any e-mails, investtea- 
ton: are restricted to those that 
have been approved for monitcrinH 
by a judge. 

House judiciary Committee 
Charonan Henry Hyde, R®, said 
the Carnivore debate reflected an 
ongoing tension between Jaw en- 
forcement and individual rights, 

Tou on understand people’s 
concerns for privacy? There are 
people who are skeptical about this 
culture of privacy and how porous 
if tC Hyde told Kerr and other FBI 


officials at the House hearing. 

Meanwhile, fop, j£ Watts, R- 
0*% urged the dmon admfoii- 
smariem to suspend the Mmm. 
tinder which the FBI has Percept- 
ed e-mails in 25 probes over the 
past two years. No cases invohnng * 
Carrimm have come to trial, 

justice Department officiate also 
sand they are reviewing die pro- 
gram to make sure that federal 
agents have nor been involved in 
unlawful eavesdropplr^ Kerr said 
investigators involved in the Carni- 
vore program have never been pro- 
vided Internet traffic outside the 
scope of their probes : "We don't do 
broad searches (on internet traffic) 
and surveillance that is not anther 
need by com orders 

This year, the program has been 
used In 16 cases: six criminal 
probes and 10 nadonal-seeuritY in- * 
vesdgatlons. 
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July 25, 2000 


Ms. Christine Bertelson 
Editor of Editorial/Opimon Page 
St. Louis Post Dispatch 
900 North Tucker Blvd 
St. Louis, MO 63101-1099 

Dear Ms. Bertelson: 

In response to your recent editorial "Silent cybercrime hunting," a few additional 
facts might help your readers understand the safeguards and judicial oversight applicable to the 
interception of e-mail on the Internet. 

As always happens, dangerous criminals and terrorists use new technology as fast 
as anyone does. So now, instead of telephones, we increasingly find criminals communicating 
by e-mail in furtherance of their crimes. We have seen this in everything from child pornography 
to terrorism. That is why the FBI developed the Carnivore program, a tool that permits surgical 
in terceptions in the midst of the flood of data on the Internet. 


To use Carnivore to obtain a criminal's e-mail, the FBI first must successfully 
demonstrate to a judge that there is probable cause to believe that a serious crime is being or has 
been committed, the e-mails are about or in furtherance of that crime, and the interception is 
necessary to gather evidence about the crime. It is the same rigorous legal standard that applies 
to the interception of telephone conversations. The same severe criminal and civil sanc tions 
apply to any misuse as well, and the whole process is supervised beginning to end.bv the federal 
court issuing the order. Finally, the use of this evidence and the method of collection are always 
subject to vigorous challenge by defense lawyers. 


The FBI only uses Carnivore when an Internet Service Provider cannot, on its 
own, provide the very limited information authorized by courts to be intercepted, e.g„ e-mails to 
and from two drug dealers. That is why it has only been used 25 times since it was developed 
and, in these cases, it was used with assistance from the Internet Sendee Provider. 


1 - Mr. Pickard 
1 - Dr. Kerr 
(f)- Mr. Parkinson 
1 - Mr, Collingwood 
JECrmmc (9) 
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Ms, Christine Berteison 


Finally, Carnivore does not "automatically" search for "key words among all e~ 
mati traffic." It does not search the content of e-mail at all To search as the editorial suggests 
would be contrary to federal law, subject to severe criminal sanctions and produce nothing of 
e videntiary val ue because it would contravene the parameters of the Fourth Amendment 
Instead, Carnivore ensures that law enforcement only gets those specific e-mails addressed as 
described in the court’s order to the complete exclusion of everything else on the Internet. 

Sincerely yours. 


John E. Coll logwood 
Assistant Director 
Office of Public and 
Congressional Affairs 
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Silent cybercrime bunting 
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STATEMENT OF 
KEVIN V. Di GREGORY 
DEPUTY ASSISTANT ATTORNEY GENERAL 
UNITED STATES DEPARTMENT OF JUSTICE 
BEFORE THE SUBCOMMITTEE ON THE CONSTITUTION 
OF THE HOUSE COMMITTEE ON THE JUDICIARY 

on 

“CARNI VORE” AND THE FOURTH AMENDMENT 
July 24, 2000 

Mr. Chairman and Members of the Subcommittee, thank you for allowing me this 
opportunity to testily about the law enforcement tool “Carnivore” and the Fourth Amendment 
On April 6, 2000, 1 had the privilege of testifying before you during a hearing on Internet privacy 
and the Fourth Amendment; I am pleased to continue to participate in the discussion today about 
“Carnivore” and its role in protecting individual privacy on the Internet from unwarranted 
governmental intrusion, and about the critical role the Department plays to ensure that the 
Internet is a safe and secure place. 

Privacy and Public Safety 

It Is beyond dispute that the Fourth Amendment protects the rights of Americans while 
they work and play on the Internet just as it does in the physical world. The goal is a long- 
honored and noble one: to preserve our privacy while protecting the safety of our citizen s. Our 
founding fathers recognized that in order for our democratic society to remain safe and our 
liberty intact, law enforcement must have the ability to investigate, apprehend and prosecute 
people for criminal conduct At the same time, however, our founding fathers held in disdain the 
government’s disregard and abuse of privacy in England. The founders of this nation adopted the 
Fourth Amendment to address the tension that can at times arise between privacy and public 
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safety* Under the Fourth Amendment, the government must demonstrate probable cause before 
obtaining a warrant for a search, arrest, or other significant intrusion on privacy. 

Congress and the courts have also recognized that lesser intrusions on privacy should be 
permitted under a less exacting threshold. The Electronic Communications Privacy Act 

(“EOF A”) establishes a three-tier system by which the government can obtain stored information 

( 

from electronic communication service providers. In general, the government needs a search 
warrant to obtain the content of unretrieved communications (like e-mail), a court order to obtain 
transactional records, and a subpoena to obtain information identifying the subscriber. See l 8 
U.S.C. §§2701-11. 

In addition, in order to obtain source and destination information in real time, the 

government must obtain a “trap and trace” or “pen register” court order authorizing the recording 

of such information. See 18 U.S.C. 3121, et seq. 

Because of the privacy values it protects, the wiretap statute, 18 U.S.C. §§ 2510*22, 

♦ 

commonly known as Title Ilf, places a higher burden on the real-time Interception of oral, wire 
and electronic communications than the Fourth Amendment requires. In the absence of a 
statutory exception, the government needs a court order to wiretap communications. To obtain 
such an order, the government must show that normal investigative techniques for obtaining the 
information have or are likely to fail or are too dangerous, and that any interception will be 
conducted so as to ensure that the intrusion is minimized. 

The safeguards for privacy represented by foe Fourth Amendment and statutory 
restrictions on government access to information do not prevent effective law enforcement 
instead, they provide boundaries for law enforcement, clarifying what is acceptable evidence 

2 
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gathering and what is not. At the same time, those who care deeply about protecting individual 
privacy must also acknowledge that law enforcement has a critical role to play in preserving 
privacy. When law enforcement investigates, successfully apprehends and prosecutes a criminal 
who has stolen a citizen’s personal information from a computer system, for example, law 
enforcement is undeniably working to protect privacy and deter further privacy violations. The 
same is true when law enforcement apprehends a hacker who compromised the financial records 
of a bank customer. 

As we move into the 2 1 8 century, we must ensure that the needs of privacy and public 
safety remain in balance and are appropriately reflected in the new and emerging technologies 
that are changing the face of communications. Although the primary mission of the Department 
of Justice is law enforcement, Attorney General Reno and the entire Department understand and 
share the legitimate concerns of all Americans with regard to personal privacy. The Department 
has been and will remain committed to protecting the privacy rights of individuals. We look 
forward to working with Congress and other concerned individuals to address these important 
matters in the months ahead. 

Law Enforcement Tools in Cyberspace : 

Although the Fourth Amendment is over two centuries old, fee Internet as we know it is 
still in its infancy. The huge advances in the past ten years have changed forever the landscape 
of society, not just in America, but worldwide. The Internet has resulted in new and exciting 
ways for people to communicate, transfer information, engage in commerce, and expand their 
educational opportunities. These are but a few of the wonderful benefits offers rapidly changing 
technology. As has been the case with every major technological advance in our history, 
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however, we are seeing individuals and groups use this technology to commit criminal acts. As 
Deputy Attorney General Eric Holder told the Crime Subcommittee of this Committee in 
February, our vulnerability to computer crime is astonishingly high and threatens not only cur 
financial well-being and oar privacy, but also this nation’s critical infrastructure. 

Many of the crimes that we confront everyday in the physical world are beginning to 

appear in the online world. Crimes like threats, extortion, fraud, identity theft, and child 

pornography are migrating to the Internet, the Fourth Amendment and laws addressing pri vacy 

and public safety serve as a framework for law enforcement to respond to this new forum for 

criminal activity. If law enforcement fails properly to respect individual privacy in its 

investigative techniques, the public’s confidence in government will be eroded, evidence will be 

suppressed, and criminals will elude successful prosecution. If law enforcement Is too timid in 

responding to cybercrime, however, we will, in effect, render cyberspace a safe haven for 

criminals and terrorists to communicate and cany out crime, without fear of authorized 

* 

government surveillance. If we fail to make the Internet safe, people’s confidence in using the 
Internet and e-commerce will decline, endangering the very benefits brought by the Information 
Age. Proper balance is the key, 

To satisfy our obligations to the public to enforce the laws and preserve the safety', we use 
the same sorts of investigative techniques and methods online as we do in the physical world, 
with the same careful attention to the strict constitutional, statutory, internal and court-ordered 
boundaries. Carnivore is simply an investigative tool that is used online only under narrowly 
defined circumstances, and only when authorized by law, to meet our responsibilities to the 
public. 
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To illustrate, iavv enforcement often needs to find out from whom a drug dealer, for 
instance, is buying his illegal products, or to whom the drug dealer is selling. To investigate this, 
it is helpful to determine who is communicating with the drug dealer. In the “olden days” of 
perhaps 10 years ago, the drag dealer would have communicated with his supplier and customers 
exclusively through use of telephones and pagers. Law enforcement would obtain an order from 
a court authori zing the installation of a “trap and trace” and a “pen register” device on die drag 
dealer’s phone or pager, and either the telephone company or law enforcement would have 
installed these devices to comply with the court’s order. Thereafter, the source and destination of 
his phone calls would have been recorded. This is information that courts have held is not 
protected by any reasonable expectation of privacy. Given the personal nature of this 
information, however, the law requires government to obtain an order under these circumstances. 
In this way, privacy is protected and law enforcement is able to investigate to protect the public. 

Now, that same drug dealer may be just as likely to send an e-mail as call his 

* 

confederates. When law enforcement uses a “trap and trace” or “pen register” in the online 
context, however, we have found that, at times, the Internet service provider has been unable or 
even unwilling to supply this information. Law enforcement cannot abdicate its responsibility to 
protect public safely' simply because technology has changed. Rather, the public rightfully 
expects that law enforcement will continue to be effective as criminal activity migrates to the 
Internet We cannot do this without tools like Carnivore. 

When a criminal uses e-mail to send a kidnaping demand, to buy and sell illegal drugs or 
to distribute child pornography, law enforcement needs to know to whom he is sending messages 
and from whom he receives them. To get this information, we obtain a court order, which we 
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serve on the appropriate service provider. Because of the nature ofintemet communications, the 
addressing information (which does not include the content of the message) is often mixed in 
with a lot of other non-content data that we have no desire to gather. If the service provider can 
comply with the order and provide us with only the addressing informatkm required by court 
order, it will do so and we will not employ Carnivore: If, however, the service provider is 
unwilling or unable to comply with the order, we simply cannot give a criminal a free pass. It is 
for that narro w set of circumstances that the FBI designed “Carnivore.” 

Carnivore is, in essence, a special filtering tool that can gather the information authorized 
by court order, and only that information. It permits law enforcement, for example, to gather 
only the email addresses of those persons with whom the drug dealer is communicating, without 
allowing any human being, either from law enforcement or the service provider, to view private 
information outside of the scope of the court’s order. In other words, Carnivore is a minimization 
tool that permits lav*' enforcement strictly to comply with court orders, strongly to protect 
privacy, and effectively to enforce the law to protect the public interest. In addition, Carnivore 
creates an audit trail that demonstrates exactly what it is capturing. 

As with any other investigative tools, there are many mechanisms we have in place to 
prevent against possible misuse of Carnivore, and to remedy misuse that has occurred. The 
Fourth Amendment, of course, restricts what law enforcement can do with Carnivore, as do the 
statutory requirements of Title lU and the Electronic Communications Privacy Act, and the 
courts. 

For federal Title III applications, the Department of Justice imposes its own guidelines on 
top of the privacy protections provided by the Constitution, statutes and the courts . For example, 
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before Carnivore may be used to intercept wire or electronic communications, the requesting 
investigative agency must obtain approval for the Title III application from the Department of 
Justice. Specifically, the Office of Enforcement Operations (OEO) in the Criminal Division of 
the Department reviews each proposed Title IU application to ensure that the interception 
satisfies the Fourth Amendment requirements, and is in compliance with applicable statutes and 
regulations. Even if the proposal clears the OEO, approval must be given by a Deputy Assistant 
Attorney General. Although this requirement of high-level review is required by Title HI only 
with regard to proposed intercepts of wire and oral communications, the Department voluntarily 
imposes the same le vel of re view for proposed interceptions of electronic communications 
(except digital-display pagers). Typically, investigative agencies such as the Federal Bureau of 
Investigation have similar internal requirements, separate and apart from Constitutional, statutory 
or Department of Justice- requirements. 

If the investigative agency and the Department of Justice approve a federal Title III 
request, it still must, of course, be approved by the proper court . The court will evaluate the 
application under the Fourth Amendment and using the familiar standards of Title HI. By statute, 
for example, the application to the court must show, through sworn affidavit, why the intercept is 
necessary as opposed to other less-intrusive investigative techniques. The application must also 
provide additional detail, including whether there have been previous interceptions of 
communications of the target, the identity of the target (if kno wn), the nature and l ocation of the 
communications facilities, and a description of the type of communications sought and the 
offenses to which the communications relate. By statute and internal Department regulation, the 
interception may last no longer than 39 days without an extension by the court. 
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Courts also often impose their own requirements. For example, many federal courts 
require that the investigators provide periodic reports setting Forth information such as the 
number of communications intercepted, steps taken to minimize irrelevant traffic, and whether 
the interceptions have been fruitful. The court may, of course terminate the interception at any 
time. 

{ 

The remedies for violating Title HI or ECPA by improperly intercepting electronic 
communications can include criminal sanctions, civil suit, and for law enforcement agents, 
adverse employment action. For violations of the Fourth Amendment, of course, the remedy of 
suppression is also available. 

Carnivore itself also contains self regulating features. For example, because of its 
sophisticated passive filtering features, it automates the process of minimization without 
intrusive monitoring by investigators, and simply disregards packets of information that do not 
satisfy the criteria in the court’s authorization. Indeed, one of the most powerful privacy* 
protecting features of Carnivore Is its ability to ignore information that is outside the scope of the 
court-ordered authority . For later verification, it also logs the filter settings. In addition, as a 
practical matter. Carnivore is not deployed except with close cooperation with the appropriate 
system provider. fa any event, thc.FHI does not use Carnivore in every instance in which the 
court orders a Title IB electronic communication intercept Indeed, I understand that the Bureau 
uses Carnivore only in those instances when the service provider is unable to comply with the 
court order using its own equipment, or when the provider asks the FBI to use Bureau equipment. 

As I testified in April, we face three major categories of challenges in trying to keep the 
Internet a safe and secure place for our citizens. These are: 
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1 . Technical challenges that hamper law enforcement’s ability to locate and 
prosecute criminals that operate online; 

2. Certain substantive and procedural laws that have not kept pace with the changing 
technology, creating significant legal challenges to effective investigation and 
prosecution of crime in cyberspace; and 

3 . Resource needs that must be addressed to ensure that law enforcement can keep 
pace with changing technology and has the ability to hire and train people to fight 
cybercrime. 

Carnivore is an investigative tool that assists us in meeting the first challenge. As we 
have witnessed, tracking a criminal online is not always an impossible task using our 
investigative tools. For example, last year federal and state law enforcement combined to 
successfully apprehend the creator of the Melissa virus and the individual who created a 
fraudulent Bloomberg News Service website in order to artificially drive up the stock price of 
PairGain, a telecommunications company based in California. Although we are proud of these 
important successes, we still face significant challenges as online criminals become more and 
more sophisticated. 

In nearly every online case, tracking the •online criminal requires law enforcement to 
attempt to trace the “electronic trail” from the victim back to the perpetrator. In effect, this 
“electronic trail” is the fingerprint of the twenty-first century - only much harder to find and not 
as permanent as its more traditional predecessor. In the physical world, a criminal and his victim 
are generally in the same location. But cybercriminals do not have to physically visit the crime 
scene. Instead they cloak their illegal activity by weaving communications through a series of 
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anonymous remailers, by creating forged e-mail headers with powerful point and click tools 
readily downloadable from hacker websites, by using a '‘free-trial" account or two, or by “wiping 
dean" the logging records that would be evidence of their activity. 

In some cases, the criminal may not even be in the same country as the victim. The global 
nature of the internet, white one of the greatest assets of the Internet to law-abiding citizens, 
allows criminals to conduct their illegal activity from across the globe. In these cases, the need 
to respond quickly and track the criminal is increasingly complicated and often frustrated by the 
fact that the activity takes place throughout different countries. With more than 190 countries 
connected to the Internet, it is easy to understand the coordination challenges that face law 
enforcement. Furthermore, in these cases, time is of the essence and the victim may not even 
realize they have been victimized until the criminal has long since signed-off. Clearly, the 
technical challenges for law enforcement are real and profound. 

This fact was made dear in the findings and conclusions reached in the recently released 
report of the President’s Working Group on Unlawful Conduct on the Internet, entitled, “The 
Electronic Frontier: The Challenge of Unlawful Conduct Involving the Use of the Internet.” This 
extensive report highlights in detail the significant challenges facing law enforcement in 
cyberspace. As the report states, the needs and challenges confronting law enforcement, “are 
neither trivial nor theoretical.” The Report outlines a three-pronged approach for responding to 
unlawful activity on the Internet: 

1 , Conduct on the Internet should be treated in the same manner as simitar conduct 
offline, in a technology neutral manner. 


10 


5/24/02 Release -PagJ J4j 




2. We must recognize that the needs and challenges of law enforcement posed by the 
Internet are substantial, including our need for resources, up-to date investigative 
tools and enhanced multi-jurisdictional cooperation. 

3. Finally, we need to foster continued support for private sector leadership in 
developing tools and methods to help Internet users to prevent and minimize the 
risks of unlawful conduct online. 

I would encourage anyone with an interest in tins important topic to review carefully the 
report of the Working Group. The report can be found on the Internet by visiting the website of 
the Department of Justice’s Computer Crime and Intellectual Property Section, located at 
www.evbemrime.gov. In addition to the report, ww.eybercrime.gov also contains other useful 
information on a wide array of Internet related issues, including the topic of today’s hearing - 
privacy. 

Despite the type of difficulties outlined in the Unlawful Conduct Report and discussed 

♦ 

today, the Justice Department and law enforcement across this nation are committed to 
continuing to work together and with their counterparts in other countries to develop and 
implement investigative strategies to successfully track, apprehend, and prosecute individuals 
who conduct criminal activity on the Internet, In so doing, the same privacy standards that apply 
in the physical world remain effective online. 

Mr. Chairman, the Department of Justice has taken a proactive leadership role in making 
cyberspace safer for all Americans. The cornerstone of our cybercrime prosecutor program is the 
Criminal Division’s Computer Crime and Intellectual Property Section, known as COPS. 

CCIPS was founded in 1991 as the Computer Crime Unit, and became a Section in 1996. COPS 
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has grown from five attorneys in 1996 to nineteen today, and we need more to keep pace with the 
demand for their expertise. The attorneys in GCIPS work closely on computer crime cases with 
Assistant United States Attorneys known as “Computer and Telecommunications Coordinators,” 
or CTC’s, in U.S. Attorney’s Offices around the nation. Each CTC receives special training and 
equipment and serves as the district’s expert on computer crime cases. CCIPS and the CTC’s 
work together in prosecuting cases, spearheading training for local, state and federal law 
enforcement, working with international counterparts to address difficult international 
challenges, and providing legal and technical instruction to assist in the protection of this 
nation’s critical infrastructures. We are very proud of the work these people do and we will 
continue to work diligently to help stop criminals from victimizing people online. 

I also note that public education is an important component of the Attorney General’s 
strategy on combating computer crime. As she often notes, the same children who recognize that 
it is wrong to steal a neighbor’s mail or shoplift do not seem to understand that it is equally 

K 

wrong to steal a neighbor’s e-mail or copy a proprietary software or music file without paying for 
it. To remedy this problem, the Department of Justice, together with the Information Technology 
Association of America (ITAA) , has embarked upon a national campaign to educate and raise 
awareness of computer responsibility and to provide resources to empower concerned citizens. 

.* 4 4* 

The "Cybercitizen Awareness Program” seeks to engage children, young adults, and others on 
the basics of critical information protection and security and on the limits of acceptable online 
behavior. The objectives of the program are to give children an understanding of cyberspace 
benefits and responsibilities, an awareness of consequences resulting from the misuse of the 
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medium and an understanding of the persona! dangers that exist on the Internet and techniques to 
avoid being harmed. 

Finally, Mr. Chairman, the Subcommittee may be aware that the Administration will soon 
be transmitting to Congress a legislative proposal addressing various issues relating toxyber- 
security. I know that fee focus of today's hearing is the Carnivore program, and this is not the 
time to undertake any detailed discussion of the Administration's proposal. I would, however, 
like to mention two points that relate directly to today's discussion. First, fee Administration 
supports raising the statutory standards for intercepting the content of electronic communications 
so they are fee same as those for intercepting telephone calls: high-level approval, use only in 
cases involving certain predicate offenses that are specified by statute, and statutory suppression 
of evidence derived from improper intercepts, Second, the Administration supports requiring 
federal judges to confirm that the appropriate statutory predicates have been satisfied before 
issuing a pen register or trap-and-trace order. Those changes would apply to the use of Carnivore 
- and would, in important respects, simply confirm by statute fee policies and procedures already 
followed by the Department of Justice. Beyond those specific points, I will simply note here that 
fee Administration supports a balanced updating of laws to enhance protection of both privacy 
and public safety, and that the forthcoming proposal will contain important provisions whose 
enactment would be most helpful in the ongoing fight against cyber-crime. 


■m 




Mr. Chairman, I want to thank you again for this opportunity to testify today about our 
efforts to fight crime on the Interact while preserving fee rights conferred by the Fourth 
Amendment and statute. Ultimately, the decision as to the appropriate parameters of law 
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enforcement activity lies squarely within the Constitution and the elected representatives of the 
people, the Congress. The need to protect the privacy of the American people, not just from the 
government hut also from criminals, is a paramount consideration, not just in the context of the 
Internet, but in general. The Department of Justice stands ready to work with this Subcommittee 
and others to achieve the proper balance between the important need for protecting privacy and 
the need to respond to the growing threat of crime in cyberspace. 

Mr. Chairman, that concludes my prepared statement. I would be pleased to attempt to 
answer any questions that you may have at this time. 
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Oral Statement of Kevin Bi Gregory 

Mr. Chairman, and Members of the Subcommittee, thank you for allowing me this 
opportunity to testify about the law enforcement tool “Carnivore” and the Fourth Amendment. 

We have seen magnificent growth of the internet over the iast ten years. It has created 

vast benefits for citizens, businesses and governments, and seems to hold boundless promise If we 

( 

can harness it. The Internet has spurred a new and thriving economy. Many businesses have 

prospered by providing their products and services through the Internet. Others have assisted in 

building, maintaining and improving the Internet itself. The Internet has given people jobs, 

supported families and communities and created new opportunities for commerce for America and 

the world. The Internet has touched both oar working lives and our family lives. 

As we have seen throughout histoiy, however, there are those who use the powerful tools 

of progress to inflict harm on others. The Internet has not escaped this historical truth. Even in 

the internet’s relatively short existence we have seen a wide range of criminal use of the 

* 

technology. It has been used to commit traditional crimes against an ever widening number of 
victims. There are aiso those criminals intent on attacking and disrupting computers, computer 
networks and the Internet itself. In short, although the Internet provides an unparalleled 
opportunities for Americans to freely express ideas, it also provides a very effective means for 
ill-motivated persons to breach the privacy and security of others. 

Many of the crimes that we confront everyday in the physical world are beginning to 
appear in the online world. Crimes like threats, extortion, fraud, identity theft, and child 
pornography are migrating to the Internet. The Fourth Amendment and laws addressing privacy 
and public safety serve as a framework for law enforcement to respond to this new forum for 
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criminal activity . If law enforcement fails properly to respect individual privacy in its investigative 
techniques, the public's confidence in government will be eroded, evidence will be suppressed, 
and criminals will dude successful prosecution. If law enforcement is too timid in responding to 
cybercrime, however, we will, in effect, render cyberspace a safe haven for criminals and terrorists 
to communicate and carry out crime, without fear of authorized government surveillance. If we 
fall to make the Internet safe, people’s confidence in using the Internet and e-commerce will 
decline, endangering the very benefits brought by the Information Age. Proper balance is the key. 


Despite the fervor over the unfortunately-named “Carnivore,” the truth of the matter is 
that Carnivore is in reality a tool that helps us achieve this balance. To satisfy our obligations to 
the public to enforce the laws and preserve public safety, we use the same sorts of investigatory 
techniques and methods online as we do in the physical world, with the same careful attention to 
the strict constitutional and legal limits. Carnivore is simply an investigatory tool that helps us to 
investigate online in the same way as in the physical world, and enables us to obtain only the 
information we are authorized to obtain through a court order. 

To illustrate, law enforcement often needs to find out from whom a drug dealer, for 
instance, is buying bis illegal products, or to whom the drug dealer is selling his goods. It is 
therefore important to determine with whom the drug dealer is communicating. In the “olden 
days” of perhaps 10 years ago, the drug dealer would have communicated with his supplier and 
customers exclusively through use of telephones and pagers. Law enforcement would obtain an 
order from a court authorizing the installation of a “trap and trace” and a “pen register” device on 
the drug dealer’s phone or pager. Now, that same drug dealer, or a kidnapper or a child 
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porno grapher, may be just as likely to send an e-mail as to call his confederates . 

When law enforcement uses a “trap and trace” or “pen register” in the online context, 
however, we have found that, at times, the Internet service provider has been unable or even 
unwilling to supply this information. It is for that narrow set of circumstances that the FBI 
designed “Carnivore.” Law enforcement cannot abdicate its responsibility to protect public safety 
simply because technology has changed. Rather, the public rightfully expects that law 
enforcement will continue to be effective as criminal activity migrates to the Internet We cannot 
do this without tools like Carnivore. 

Carnivore is, in essence, a special filtering tool that can gather the information authorized 
by court order, and only that information. It permits law enforcement, for example, to gather 
pursuant to an order only the email addresses of those persons with whom the drug dealer is 
communicating, without allowing any human being, either from law enforcement or the service 
provider, to view private information outside of the scope of the court’s order. In other W'ords, 

protect privacy, and to enforce the law to protect the public interest, In addition, Carnivore 
creates an audit trail that demonstrates exactly what it is capturing. 

And as with any other investigative tools, there are many mechanisms we have in place to 
prevent possible misuse of Carnivore, and to remedy misuse that has o ccurred. The Fourth 
Amendment and the courts, of course, restricts what law enforcement can do on line, with or 
without Carnivore, as do the statutory requirements of Title III and the Electronic 
Communications Privacy Act 

In the case of federal Title III applications, foe Department of Justice imposes its own 
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guidelines on top of the privacy protections provided by the Constitution, statutes and the courts. 
For example, before Carnivore may be used to intercept wire or electronic communications, with 
the limited exception of digital display pagers, the requesting investigatory agency must obtain 
approval for the Title HI application from the Department of Justice. Specifically, the Office of 
Enforcement Operations in the Criminal Division of the Department reviews each proposed Title 
HI application to ensure that foe interception satisfies foe Fourth Amendment requirements, and is 
in compliance with applicable statutes and regulations. If the proposal clears foe OEO, appro val 
must generally be given by a Deputy Assistant Attorney GeneisL Typically, investigative agencies 
such as the Federal Bureau of Investigation have similar but separate internal requirements. 

If the investigative agency and the Department of Justice approve a federal Title HI 
request, it still must, of course, be approved by the proper court using familiar but exacting 
standards. By statute and internal Department regulation, foe interception may last no longer 
than 30 days without an extension by foe court. And courts also often impose their own 
additional requirements. 

In addition, the remedies for violating Title IH or ECPA by improperly intercepting 
electronic communi cations include criminal sanctions and civil suits. For violations of foe Fourth 
Amendment, of course, the remedy of suppression is also available. 

Despite this panoply of protections, we recognise that concerns remain about this tool. 
Therefore, the Attorney General has asked for an independent review of foe Carnivore source 
code to ensure that its capabilities are what we understand them to be. A report generated from 
foe review will be publicly disseminated to interested groups within industry, academia and 
elsewhere, and should alleviate any concerns regarding unjustified intrusions on privacy from foe 
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use of this tool 


Committee with my full written statement It is my sincere hope and expectation that through this 

Softer to, there of«who are concerned about ? riveey»d public ^wtllreeogmee to 

responsible law enforcement can enhance both goals. 
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Miiimm of Americans now tog on to the inter- 
net as naturally and as frequently as they pick up a 
phone. Technology has created a revolution in per- 
sonal communications, but technology is also mak- 
ing it possible lor government and even employers 
to monitor private conversations as never before 
Telephones laws must be updated to address 
those new challenges to privacy. 

; Last week the White House proposed some 
limited changes to the federal wiretap and electron- 
ic privacy laws that would raise legal standards for 
government interception of e-mail. Separately, sev- 
eral lawmakers Introduced legislation to require 
employers to notify employees about how e-mail, 
Internet use and phone calls are monitored Em- 
ployees of The New York Times Company are 
already notified that the company reserves the 
right to review e-mail messages while investigating 
a complaint. Last year the company dismissed 23 
employees - most based at a regional business 
office — for sending offensive e-mail messages. 

■ in the absence of more stringent controls, law 
enforcement agencies may be tempted to conduct 
wholesale monitoring of digital written communica- 
tions. It is probably not practical for agents to listen 
m on all the phone calls, for example, that to 
through AT&T. But new technology is making it 
possible for agencies like the F.BJ. to scan, read 
and record millions of pieces of e-mail on the 
network of an Internet service provider. Until now, 
this kind of power and its potential for abuse were 
not so readily available. 

Current wiretapping laws were not drafted 
with this technology in mind and need to be updated. 

V ariaus statutes now set different legal standards 
for the secret interception of domestic communica- 
ttons by law enforcement agencies, depending on 
whether the communication is by telephone, e-mail 
or cable modem. 

The Clinton administration is proposing to 


eliminate these inconsistencies. Its plan would bring 
the standards used for intercepting e*maii mes- 
sages up to the stricter, more protective ievei now 
applied to telephone wiretaps. Illegal interception of 
e*maii would result in suppression of the evidence 
as ts the case now with illegal interception or phone 
caiis. The proposal would' also enforce the same 
legal standards that apply to phone calls for inter- 
ception of e-mails sent by cable modems, which 
have a greater degree of privacy protection under a 
law that governs cable systems. 

The administration is also calling for greater 
authority for courts to review law enforcement 
requests to use devices that record the phone num- 
bers of incoming and outgoing calls and to track the 
origins and destinations of e-mail messages. 

These changes are clearly needed. But Con- 
gress also needs to provide new safeguards against 
the government's wrongful use of ever more power- 
ful surveillance technology against law-abiding citi- 
zms * Serious concerns have been raised about Car- 
iitvort\ the new online wiretap system used by the 
F.BX to track the communications of individuals 
suspected of criminal activity. 

^ says the technology can isolate the e- 
tnail of the target of an investigation. But the 
system, when hooked up to the network of the 
internet service provider, gives die 3P\B,i unlimited 
access to the e-mail of all other subscribers on the 
network. While a court order is still required to 
intercept ihe content of messages, the secret tech- 
nolQgy controlled exclusively by law enforcement 
raises fears of Improper monitoring. 

Until now, routine government surveillance of 
private conversations was limited as much by prac- 
ticahty as by legal constraints. Now that it is 
f easible to eavesdrop electronically on an unlimited 
scale, the laws have to be strengthened to prevent 
monitoring of all online communications simply 
because technology makes it easy* 
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'The warning from Colombia’s Serrano 


I ince.the United States approved £U billion 
i » «wntemarcotics aid for Colombia, guer- 

[ ^5?S h0 . prafit *“» «» trade 
*' & bloody toTOF CBlttratum irs r»«rn-e ms+ 


What the ELN did want to discu ss is the 1300 
square-mile territory that Colombian President 
^^Pastrara^tentebv’ely agreed to surren- 

to implement since the area, which is rich in o2 

ffrtln flon y'Arwtwrt t uv. - * 


continued unabateZ m U>lomtJia 

Since January’, when aid to Colombia was 
approve^ the Revolutionary Armed jFbrees of 

a S uerrafe group, has attacked 
aimost 200 police stations and killed more than 100 


™ «wuuun» iysai r&su&ntsm stronglyopposed 
to forfeiting the region to the ELN, since they fear 
hvmg outside of the government^ protection. The 

I^OYCTJTXn&lt £3VS tb© C/vnfml nf a rinmJJi+A 


uivt n ***** juacas mountains 

ppesrs to have resulted in the deaths of 60 mem 

hers fifth a MaffrMi r * ^ ■ 


In addition, on Monday 200 FARC terrorists 
ambushed a police station in the remote south- 
western prow^ of Narrno, which is rich in opium 
poppy holds. The FARC gunned down U police 
officers and wounded 17 others. 

This siimtrnt^ context of violence highlights 
how brutal guerriliaand paramilitary tactics con - 
Umie to be. Commanders fertile FARC, which has 
effeem^e control of about 40 percent of the cotin- 
try, declined even to attend die summit But die rob 
attves ofllpeopie Iddnapped by foe Em in the 
, praig of 19^ were there, lobbying for the release 
of their loved ones. The ELK’S chief, Antonio Gar- 
cia ga^-e them little hope, pre-empting the summit 
01 saywig that neither the issue of hostages nor a 
cease-fire would be on the table for discussion 


* aD °a one year ago and an ombudsman 

appointed by Congress has documented 41 disap- 
pearances in the territory at the hands of the 
r ARC. The territory was ceded asaland for peace 
deal, but the FARC now uses the demiUtarized mm 
asa base of illegal operations and has shown no will 
Whatsoever to negotiate a peace. ■ 

Former Colombian Police Chief Jose Serrano 
v*o was in Washington last week to receive tiie 
D Em special agent«ward, described the growing 
Wvg^mOa and paramilitary groups have formed 
with drug traffickers, giving terrorists access to 
Vast resources to buy guns. ‘After the iron curtain 
fell, and subversives stopped receiving money 
from the former Soviet Union or Cuba, the FARC 
began attacking us whan we fomigated fcoca] 
crops, Mr. Serrano told The Washington Times! 
Mr. Pastrana s plan to achieve peace through coun- 
tornarooap initiatives and social projects is there- 
fore khe last chance that we Colombians have. 
Because if it fails, we will have to make our peace 
wer corpses;* he said. No one should want that 
Colombia has seen enough suffering. 


<? 
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Who Needs Big Brother 
When There’s ‘Carnivore’? 


* emoreement: The FBI 
should not be granted such 
sweeping powers to search our 
e-mail and then be trusted to 
police itself. 


^bartkosko 

Now the FBI wants to recruit Internet 
service providers, or ISPs, to spy on U.S. 

raj already WOf ^’wth the 
credit companies ta secretly snoop or 

p*w tKsfi fe **** €wtt “P*«* 
Act tL pwi” * 8isewe Authorisation 
Act The FBI has installed digital phone- 
tappmg equipment directly in phone com- 
panies under a similar congressional act 
passed m 3394. And the Treasury Depart* 
Enforcement 

•\e.work has deputised" all banks to 
monitor our bank accounts and to se- 
cretiy foe "suspicious activity reports" 
that n shares with the FBI and IRS and 
even with some foreign governments. 

The FBI calls its new IS? surveillance 
?;Z 3r * Owjwt- An agent connects 
a Iap.op to the ISP server and then reads 
at least the address of every e-mail mes- 
sage that passes through the server. The 
FBI says ft has used its Carnivore soft* 
ware limes in the last two years to 
search for terrorists or drug dealers or 
71,6 Fm that 

it Deeds this search-'em^U software to 

tfL fJ ^ catch such criminals 
when they use the Internet. 

There are three problems with Carni- 
vore^ and each is fatal, The first is that 
Carnivore undermines the 4th Amend- 
ment & ban m unreasonable searches— if 
it does not violate it outright. The FBI 
ffi a Wge to issuer search 

warrant based on ""probable ciuse^ This 

me3n m ****** l ^ n that 
ibe FBI asks for the warrant But the 4th 
Amendment further demands that the 

***?* specific —^particulariy de- 

scribing the place to be searched,” 

Carnivore searches blindly thresh all 
private e-mails that flow through the ISP 
server while it looks for a suspicious few. 

1 ff m police have a warrant to 
search someone's bedroom dose! and 
a]i houses m a city until they 
imd i t The search itself invades privacy 
Carnivore switches the order of search 

T d washes 

liret identify the subject's property 
w'hich is then searched. Carnivore 
parches through private databases until 
(t identifies a suspect's property-and 


This is a bjg leap down the slippery 
slope of state invasion of privacy. And 
ex J stence of web a monitoring 
S?? aces 3 chi! '‘ng e»e« on l 
bec « iS « toeing 

tort !,« Ir po!tce *% mc y tead at 

SS5SS,TSSC”"*"“ U 

doS’nnST™^ i$ thM the FBI 
o^s not need Carnivore to search for al- 
leged criminal e-mails. Rep, j e ^ n 
£*?***• fB-Mich.) raised this Issue 
S/® Assistant Director Donald Kerr 

K< ;7 before Congress at a 

hearing Monday on Carnivore: “Why do 

^‘Zlhi 0 le , rm ' nais on at the 
JbPs rather than Jet the ISP itself tarn 

deleft* much m the way 

in at telephone camps n ies do?'* 

f . 5 e T lfli$ P 0 ‘ n t but claimed 

H** 1 j| aht! needs Carnivore for 

Thr?J^ S , thal !act: filtcrtn g software. 

I he, is plainly specious: The FBI or ov er - 

^ht sources could simply give such ISPs 
tbu fiitermg software. There is simply no 
need to grant the FBI such sweeping 

? arCh 31,(3 thfi n trust the 
0 police itself as those powers in- 
evitably grow in time. 

tiM B!. tbir< ?,f ob!em * t! »t Carnivore ul- 

costs Th? ■ *?V° rk aes P Re a!1 its 
costs. The criminals it tries to watch are 

‘^*7 ^P fe **«* will take the two oh- 
thJir f! PS ev 1 de it; change 

th^v ifu * * sita 1Ds more °ften, and 
tne> m j use ever more powerful dimlai 
encryption to scramble their messages 

nP rfn^ir reS ^°, f£war ® blueprints and 
”f e ,^ ujrks themselves will leak 
‘° be digital underground despite or be- 

**“*? ° f ,l he . b 5 st efiorts o f those in Con- 
gress, or the judiciary who oversee it And 

Stem a^' 1 V ** the «»*** 

system and maybe crack g, ■*:■■■> . v • 

The only people Carnivore can confi- 
dently watch are the innocent citisens 
whom it has no right to watch. Th£a£“ 
foohsh and dangerous precedent for the 
type of heavy-handed government sor 

Kssscr “ W w r « “ 
?Z3i2^&JS2!TJr 



U n J'Z r i' ^ wBswiiuonai limits 
**”* ^ ingress should 


*?Ji A ? sk<> wepro/essor of electrical 
"T S h?*s\ tng on(f the oathor of 

mt> v *” (RaTidam Ho Z 
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Microsoft Fd& Brief Ashing Supreme CourttoSm 

=^* 22 ^!*^ 


By STEVE LOHR 

In a legal document filed yester- 
Wfcewwft argued that the guv* 
ernme/>t s antitrust case is "0001. 
pleteiyunmitabie for direct appeal" 
to the Supreme Court because it is 
complex and because the trial judge 
• ,tnade serious and substantive pro- 
cedural errors." * 

HrlfTruK^ itS «*N tO SO 
^rst to the federal appeals court in 

Washington, which ruled in favor of 
thecompatiy in a related case 

' v.-ith > L C T PaarS "*"««"«. filed 
wtth the supreme Court, rests beav- 

‘7 ** * scathing attack on the work 
of Judge Thomas Penfieid Jackson 
who heard the lawsuit in Federal 
District Court. « federal 

The Microsoft document, citing in- 

S JU<,gC Jatkson granted to 
new organizations, including The 

stated, "The dis- 
^ cotm s Blunt comments to the 
questions about 

impartiality.*' 

5 \ U(fls fce company to 

Sr” Case - **>«. after ll 
tensing the additional evitien?* 

th 3 l $ hii% Ck T n assured «» company 
*e more W0Uici Based on 

ori S in al complaint, 
according to the Microsoft Him*. 

suted S “rlit S; r Ura f !Ce5 ' < ^ company 

?emk£" ctcom ^ 

vearth«i* CkS °“ ni!e<J *«iier this 
k i Mlcrosoft was a monopolist 

he S > sh e K^S5rp^s der 

^ «p to might 

l ^ 56 government is seeking 
Bave the Supreme cLJ?T 8 to 
appeal dtreciiva^f ttrt Bear the 
By a federMS^P^eview 
appeals to the coSt^t C0Urt * Dir «« 
owjor antitrust 


fovornment. F<w * b ( h^ l i>ytSw 


*°,f £%?*'■ fTmti a»«»tte conn. 
oemuarfAru 8 ’ BBcrosoft is trying to 
persuade the court that the ap^ai 
will involve a thicket of tecfEt 
fesues, procedural challenges smt 

SSffiZ** f swiwdK^S 

sa >7- wiihtnvoive por- 
ment had no comment yesterday. 

The software 
company says the 

trial judge made 
procedural errors . 


a krief saying 

g^fwwanwu "will respond if 

whaf.K? 8 ^ h Bttie mystery about 
*"** w government's theme wilt 
y ^ when if files its brief 
W«h the court on Aug. 15. First, ac- 

lega! ***»«*. fB* govem- 
metrt wdl say that the factual find- 
ings are clear and that the issues for 
appeal are * couple of big legal rjues- 
ons - precise!)- the kind of m aior 
judgments of law that the court so 
wm reserves for itself, 

whww i !?gaJ “• sa y> are 
whether Microsoft's bundling of its 

internet browser with its todustrY- 

c P em * n ® system 
was an illegal tying of two products 

«dtf. cm a ® r <*«« 5 togs 

With other companies was indeed 
moxKipoimng conduct/' in i e » a i 
parlance. Judge Jackson ntled that 
Microsoft $ bundiing move and its 
behavior did violate antitrust laws 
rodf* crosoft is appealing his ruling 
The goventmem is also expected 

* “?* e a ±, ree L u! P° !i cy argument 
for the expedited appeal, given the 
importance of computer industry to 
the economy, J 


economy, 

,. 3 f. g0Ven!mem '‘ 1ii **y that Mi- 
crosoft s monopoly is imposing a sie- 

wBBa thiscase te 
mi appeal and no remedies are in 
Ptece," smd Herbert Havenkamp , 

faw f sciw/"r I h t " ,!iversH y °f lm 

law seftooi. li will say that not tak* 
ing the case is a costly and that 
this is exactly ^e kind of ease that 


prem^ Coe the $u« 
from the outset” J^^'.Badiy awry 

^ckson'sS™^^ to *** 

Mantent to «dfSS§SS 

s 

yond recognition ” in rf 5 lr case Be- 
crosoft declared I" 5 0u ^ so, Mi- 
“commihed an mrav of J u<iee 

subs^tiveproceduiler^ 8 "' 1 

ciudS giving fte 1 ^* erosoft «)- 

time for discoverv and^^ t0<1 Bttle 
M its defense to thl m,? lstiw 
of evidence, ' ®M>andtng array 


the evi<fence fa ae case 

£SLd < S5 nmw Mve 

able for i! ! as . ,,ot *»««! Suit- 

district coun“^ ^Tr," 1 m 

"far™L C Urt ' Microsoft stated 

the flleraf^^ a PP iic ation of 
me federal rules of evidence a.-w 

awsarsTE 

” oa _”f Microsoft Submitted 
w«t> newspaper articles, even pre^ 

releases, as evidence. P ss ' 

th^1h? e J^f mn,8Rt ro3 ««ained 
“MJB® iMtfitionai evidence ore- 

compiaint was fded 

SSfKS practices MteroToft 
“sea to snag competition. Thus the 

tBe additfonaj’evte 
^d Annfwt* ^fP^ies like late! 
the S,t 00 m mansion of 

St 

^ **» government 

suggested 

Wrs before Judge Jwffllf 

S®* 4 to the 

should be considered grounds for a 
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ADDITIONAL CARNIVORE DOCUMENTS 


FROM 

OFFICE OF GENERAL COUNSEL 
TECHNOLOGY LAW UNIT 
(THROUGH 7/28/00) 


PAGES REVIEWED: 49 

PAGES RELEASED: 49 

EXEMPTIONS CITED: b6-l, b7C-l, 

b6-3 & b7C-3 


NOTE: 91 pages from this file are duplicates to pages from 
The Office of General Counsel's Front Office file. 



July 11,2000 


VIA FAX 

Hon. Charles T. Canady, Chairman 
Constitution Subcommittee of the 
House Judiciary Committee 
362 Ford House Office Bldg, 
Washington, D.C. 20515-6220 

and 

Hon, Melvin L. Watt, Ranking Member 
Constitution Subcommittee of the 
House Judiciary Committee 
362 Ford House Office Bldg. 
Washington, D.C. 20515-6220 

Dear Representatives Canady and Watt; 


We are writing to you about the new FBI email surveillance system aptly named "Carnivore," 
which gives law enforcement extraordinary' power to intercept and analyze huge volumes of 
email. The Carnivore system gives law enforcement email interception capabilities that were 
never contemplated when Congress passed the Electronic Communications Privacy Act 
(ECPA), codified in relevant part at 1 8 U.S.C. 2510-22 and 1 8 USC '3121-27. Carnivore raises 
new legal issues that cry out for Congressional attention if we are to preserve Fourth 
Amendment rights in the digital age. 


The existence of Carnivore first came to light in the April 6 testimony of Attorney Robert 
Com-Revcre to the Constitution Subcommittee, Its operation was further detailed in a report 
that appeared in today's Wall Street Journal (copy attached). According to these reports, the 
Carnivore system - essentially a computer running specialized software- is attached directly 
to an Internet Service Provider's (ISP) network. Carnivore is attached either when law 
enforcement has a Title III order from a court permitting it to intercept in real time the 
contents of the electronic communications of a specific indi vidual, or a trap and trace or pen 
register order allowing to i t obtain the "numbers" related to communications from or to a 
specified target. 

But unlike the operation of a traditional a pen register, trap and trace device, or wiretap of a 
conventional phone line. Carnivore gives the FBI access to all traffic over the ISP’s network, 
not just the communications to or from a particular target. Carnivore, which is capable of 
analyzing millions of messages per second, purportedly retains only the messages of the 
specified target, although this process takes place without scrutiny of either the ISP or a court. 

Carnivore permits access to tire email of every customer of an ISP and the email of every 
person who communicates with them. Carnivore is roughly equivalent to a wiretap capable of 
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accessing the contents of the conversations of ail of the phone company’s customers, with the 
"assurance" that the FBI will record only conversations of the specified target. This "trust us, 
we are the Government" approach is the antithesis of the procedures required under our the 
wiretapping laws. They authorize limited electronic surveillance of the communications of 
specified persons, usually conducted by means of specified communications devices. They 
place on the provider of the communications medium the responsibility to separate the 
communications of persons authorized to be intercepted from other communications. 


Currently, law enforcement is required to ’’minimize” its interception of non-incriminating 
communications of a target of a wiretap order. Carnivore is not a minimization tool. Instead, 
Carnivore maximizes law enforcement access to the communications of non-targets" 

In his testimony to your subcommittee Mr, Com -Revere described the experience of his client, 
an ISP that was required to install Carni vore when presented with a trap and trace order. He 
detailed his client's concerns that a trap and trace order in the context of the Internet revealed 
information that Congress did not contemplate when it authorized their limited use. In the 
traditional telephone context, those orders reveal nothing more than the numbers dialed to or 
from a single telephone line. In the Internet context, these orders and certainly Carnivore, 
likely involve ascertaining the suspect’s e-mail address, as well as header information that may 
provide information regarding the content of the communication. 


As we have stated previously, the ACLU does not believe that it is clear that the Government 
can sene an order on an Internet service provider and obtain the e-mail addresses of incoming 
and outgoing messages for a particular subscriber. Further, it is not clear whether law 
enforcement agents use or should use authority under the pen register statute to access a 
variety of data, including Internet Protocol addresses, dialup numbers and e-mail logs. We 
certainly do not believe that it is clear that law enforcement can install a super trap and trace 
device that access to such information for all of an ISP’s subscribers. 

In light of the new revelations about Carnivore, the ACLU urges the Subcommittee to 
accelerate its consideration of the application of the 4th Amendment In the digital age. 
Legislation should make it clear that law enforcement agents may not use devices that allow 
access to electronic communications involving only persons other than a specified target for 
which it has a proper order. Such legislation should make clear that a trap and trace order 
served on an ISP does not authorize access to the contents of any communication - including 
the subject line of a communication - and that the ISP bears the burden of protecting the 
privacy of communications to which FBI access has not been granted. 

We would be happy to work with the Subcommittee on drafting legislation that protects the 
pri vaey rights of Americans. 


Sincerely, 


Laura W. Murphy 

Director, ACLU Washington National Office 

Barry Steinhardt 
Associate Director, ACLU 

Gregory T. Nojeim 
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Stronger Online Privacy Sought 

By D. IAN HOPPER 

x The Associated Press 


WASHINGTON (AP) - Lawmakers are seeking ways to shore up online privacy following reports of businesses selling custom* 
persona! information and an FBI system that hunts for suspects by scanning citizens’ e-mail. 

Sens. Patrick Leahy, Q-Vt, and Robert Torricelli, D-N.J., introduced legislation that would bar the sate of personal information 
kept by a defend company if the sale would have violated privacy policies in effect when the company was in business. 

Ihe bit! responds to the case of Toy smart, a former online toy retailer that put all Its assets, including Its customer records - 
such as names, addresses and credit card numbers - up for sale despite a privacy policy that assured customers the informal 
would remain private. 

The Federal Trade Commission filed a suit against Toysmart this week to stop the sate from taking place. Rep. Spencer Bach 
R-Ala., has already announced plans to Introduce a similar bii! In the House. 

”1! is wrong to use our nation’s bankruptcy laws as art excuse to violate a customer's persona! privacy,* the senators said in a 
tetter to colleagues asking for support for the bill. "Customers have a right to expect a firm to adhere to its privacy policies, 
whether it is making a profit or has filed for bankruptcy,* 

The legislators say they will try to include the bill In a larger bankruptcy reform package. 

TRUSTe, an organization that gives its sea! to Web sites that meet its privacy principles, blew the whistle on Toysmart in duns 

Earlier Wednesday, Waif Disney, the majority owner of Toysmart, said it has offered to purchase the company's fists and assure 
their confidentiality. * f 

in a related action, two legislators are going after "Carnivore,” a system in use by the FBI to monitor suspected criminals’ e-m; iff. 
Carnivore is installed at a suspect’s Internet provider and scans through ail incoming and outgoing mail, looking for messages 
belonging to the suspect. 

Privacy groups, such as the American Oral Liberties Union and the Electronic information Privacy Center, and some internet 
providers object to the system because internet companies have no control over the "black box.” They say it infringes upon ths i 
rights of individuals not involved with the FBI investigation. 

The ACLU sent a fetter to Rep. Charles Canady, R-Fls., detailing its concerns. Canady will announce Thursday the date for 
hearings on Carnivore, his spokesman said. 

House Majority Leader Dick Armey sent a tetter Wednesday to Attorney Generai Janet Reno and FB! Director Louis Freeh 
blasting the agencies and the Clinton administration for the "cybersnooping* system. 

The federal government has the power and the authority to collect and maintain vast amounts of private personal information,” 
wrote Armey, R-Texas. "This administration continues to demonstrate a cavalier attitude with that responsibility, * 

Also, Rep. Clay Shaw, R-Fta., will introduce a bil! Thursday aimed at stopping identity theft. The bill would prohibit the sate of 
Social Security numbers, which can be used to get credit card numbers, bank loans and accounts in another person's name. 

The FTC announced Wednesday that calls to their identity theft hot line are on the rise, at about 850 reports per week. 

"Identity theft is a terrible problem that has literally destroyed people’s lives and it must be stopped,” said Shaw who heads (hi i 
House Social Security subcommittee. 


On the Net: TRUSTe: hlip://www,tnjste,org 
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FBI Cybersnooping System Raises 
Additional Privacy Concerns 

Armey to Administration: Stay Out of My Inbox! 
July 12, 2000 



Related Links 

The e-Contract 

Rema fe trn t»e e- 
C ontract with High 
Tech America 


FB I Cybe rsn oopmg 
SvstemR aises 


House Majority Leader Dick Armey today called on Attorney 
General Janet Reno and FBI Director Louis Freeh to address the 
privacy concerns raised by the Federal Bureau of investigation's 
Carnivore system of monitoring email traffic. Armey issued the 
following statement: f 


This Administration doesn't have the best record on persona! privacy. It 
keeps repeating the same mistake over and over. 


Onl y Violate 
Persons! Privacy in 


fe the Gove rnment in 

About internet 
Emm! 


Last year, a draft Administration proposal for a computer network 
monitoring system called FIDNet surfaced. When I joined privacy 
advocates in questioning the legitimacy of a government system that 
could monitor private sector networks, the Administration backed off 
a bit from their original design. But it has yet to answer my question of 
why they intended to monitor private systems in the first place. 


Now the FBI wants to run a system that could sort through every' single 
e-mail message that passes through a commercial Internet sendee 
provider. I ask, why should we trust this Administration with our most 
personal correspondence? 

At a time when there is a lot of talk about concerns for Internet privacy, 
the Ciinton-Gore Administration continues to push Big Brother 
proposals that promote government cybersnooping. They seem tone deaf 
to the concerns people have about the government invading their 
privacy. The Federal government has the power and the authority to 
collect and maintain vast amounts of private personal information. This 
Administration continues to demonstrate a cavalier attitude with that 
responsibility. 

I call on Attorney General Reno and FBI Director Freeh to stop using 
this cybersnooping system until fourth amendment concerns are 
adequately addressed. 

Rotated Correspondence: 

* First letter to AG Reno 

* Second letter to AG Reno 

* Third letter to AG Reno 

* Privacy violations at ONDCP 

* Letter to the president on web privacy 


http://freedom.house.gov/library/technology/camivore.asp 
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* Letter to the IRS > 


updates! 
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acSes y y Up0a telecommunications to plan and execute their crffiai 

™f,!Lf law enforcement agencies to conduct lawful electronic surveillance of the 

suffix 

based upon a defendant’s own words. r , ie factuai tssues 
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Department of Justice (DOJ) official before the iocal United States Attorneys offices can 
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federal maoisSs frenTXniK Hence - u K niike typical search warrants^ 9 
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interception of communications is limited so certain specified federal feiony offenses 

Applications for electronic surveillance must demonstrate probable cause and sta<e 
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or ptace from which the subject's communications are to be interested a description of ^ 
fee types of conversations to be intercepted, and the identities of the persons committino 
he offenses that are anticipated to be intercepted. Thus, criminal elXnfc LrSS? 
laws focus on gathering hard evidence -- not intelligence. unemance 

Applications must indicate that other normal investigative techniques wflf not work or are 
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=hi^?Vr^ te - W - h f eir victims. Because many internet Service Providers (ISP) iacked the 
abii ty to discriminate communications to identify a particular subject's messages to the n 
exclusion of all others, the FBI designed and developed a diagnostic 

The Carnivore device provides the FBI with a "surgical” ability to intercept and collect the 
communications which are the subject of the lawful order while ignoring feose 6 

communications which they are not authorized to intercept. This type of too! is necessary 
to meet the stringent requirements of fee federal wiretapping statutes. necessary 

The Carnivore device works much tike commercial "sniffers* and other network diaonmiir 
.cols used by ISPs every day, except that it provides fee FBI wife a unique ability to ° S 
distinguish between communications which may be lawfully intercepted and those whirh 
may not For example, if a court order provides for fee iawtul interception of one tvoe of 
communication {e.g., e-mail), but excludes al! other communications feg online^ 
shopping) the Carnivore tool can be configured to intercept only those e-mails being 
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Statement for the Record of 
Donald M. Kerr 
Assistant Director 
Federal Bureau of Investigation 
Before the 

United States House of Representatives 
The Committee on the Judiciary 
Subcommittee on the Constitution 
Washington, DC. 

7 / 24/2000 

Good afternoon, Mr. Chairman, and Members of the Subcommittee. I am grateful for this 
opportunity to discuss the FBI's Internet and data interception capabilities and to help set the 
record straight regarding tins important issue. I would like to first discuss the FBI’s legal 
authority for conducting interceptions on the Internet, and then describe the technical means by 
which we intercept Internet communications in order to obtain evidence of Federal felonies. 

Two weeks ago, the Wall Street Journal published an article entitled "FBI's system to covertly 
search E-mail raises privacy, legal issues ” This story was immediately followed by a number of 
simitar repot ts in the press and other media depicting a part of our interception software - 
codenamed Carnivore as an ominous new technology that raised concerns about the possibility of 
its potential to snoop, without a court order, into the private E-mails of American citizens. I 
think that it is important that our statutory law enforcement authorities be discussed openly. In 
fact, this was the reason we chose to share information about this capability with industry experts 
several weeks ago. As technology continues its rapid evolution, it is essential for the public to 
know and understand their government is scrupulously observing the laws and the constitutional 
protections that guarantee their right to privacy. It is also very important that these discussions be 
placed into their proper context and that the relevant facts concerning this issue are made clear. I 
welcome this opportunity to stress that our capabilities are used only after lawful court ordered 
authorization and that they are directed at the most serious violations of national security and 
public safety. 
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The FBI performs interceptions of criminal wire and electronic communications, including 
Internet communications, under authorities derived from Title HI of the Omnibus Crime Control 
and Safe Streets Act of 1968 (as amended), which is commonly referred to as "Title IIP, and 
portions of the Electronic Communications Privacy Act of 1986 (as amended), or ”ECPA" Ail 
such interceptions, with the exception of a rarely used "emergency" authority or in cases involving 
the consent of a participant in the communication, are conducted pursuant to court orders. Under 
emergency provisions, the Attorney General, the Deputy or the Associate Attorney General may, 
if authorized, initiate electronic surveillance of wire or electronic communications without a court 
order, but only if an application for such order is made within 48 hours after the surveillance is 
initiated. Last year, the FBI obtained Title ill court orders in 327 instances. We did not initiate 
surveillances under emergency provisions of Tide III. 


Federal surveillance laws supplement the Fourth Amendment's dictates concerning reasonable 
searches and seizures to oral, wire and electronic communications. They also include a number of 
additional provisions which ensure that this investigative technique is used judiciously, with 
deference to the privacy of intercepted subjects. 

An application for a warrant to search a private residence must be presented under oath to a judge 
or magistrate who may issue the warrant only upon a finding of probable cause to believe that a 
crime has been committed, and that specified evidence of the crime will be found in the place to 
be searched. Applications for Title III interceptions of wire, oral or electronic communications 
must be presented to judges in the same way (magist rates are not authorized to approve Title ffi 
applications). However, before the application can even be submitted to the court, it must be 
authorized by a senior official of the Department of Justice (DOJ). Title III requires such 
high-level approval for applications to intercept oral and wire communications, except in the case 
of digital pagers, and DOJ policy requires the same level of approval for applications to intercept 
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electronic communications, even though the law would allow lower-level approval. 


Applications for electronic surveillance describe with particularity and specificity the particular 
offenses being committed, the communications facility or place from which the subject's 
communications are to be int ercepted, a description of the types of communications to be 
intercepted, and the identities o! the persons committing the offenses and anticipated to be 
intercepted. Under Title III, electronic surveillance for criminal investigations is permitted only 
for the purpose of gathering hard evidence- not intelligence. 


Applications must indicate that other normal investigative techniques have been tried and failed to 
gather evidence of crime, or wd! not work, or are too dangerous, and must include information 
concerning any prior electronic surveillance regarding the subject or facility in question. Court 
orders are initially limited to 30 days, with extensions possible, and must terminate sooner if t he 
objectives are obtained. Judges may, and usually do, require periodic reports to the court, 
typically every 1 7 to 10 days, advising it of the progress of the interception effort. This assures 
close and on-going oversight of the electronic surveillance by the United ‘States Attorney's office 
handling the case. Interceptions are required to be conducted in such a way as to "minimize the 
interception of communications not otherwise subject to interception" under the law, such as 
unrelated, irrelevant, and non-criminal communications of the subjects or others not named in the 
application. 


To ensure the evidentiary' integrity of Intercepted communications they must be recorded, if 
possible, on magnetic tape or other devices, so as to protect the recording from editing or other 
alterations. Immediately upon the expiration of the interception period, these recordings must be 
presented to the federal district court judge and sealed under his or her directions. The presence 
of t he seal is a prerequisite for their use or disclosure, or for the introduction of evidence derived 
from the tapes. Applications and orders signed by the judge are also to be sealed by the judge. 
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Within a reasonable period of time after the termination of the interception order, the judge is 
obligated by law to ensure that the subject of the interception order, and other parties as are 
deemed appropriate, are furnished an inventory that includes notice of the order, the dates during 
which the interceptions were carried out , and whether or not the communications were 
intercepted. Upon motion, the judge may also direct that portions of the contents of the 
intercepted communication he made available to affected persons for their inspection. 


A variety of sanctions are available to penalize interceptions conducted in violation of Title HI 
ECPA and the Fourth Amendment The evidence obtained through such unlawful interceptions 
can be suppressed. The illegal, unauthorized conduct of electronic surveillance is a federal 
criminal offense punishable by imprisonment for up to five years, a fine, or both. In addition, any 
person whose communications are unlawfully intercepted, may recover in a civil action against the 
person or entity engaged in the violation, damages, including punitive damages, attorney's fees 
and other costs. 


Once we obtain an order for surveillance of wire communications, we generally require technical 
assistance front the carrier or service provider. Such help is increasingly necessary the case with 
the advent of advanced communications services and networks such as the Internet. The days of 
connecting a pair of ailegator clips connecting a tape recorder to a copper wire phone are long 
gone. Title HI mandates service provider assistance incidental to law enforcement’s execution of 
electronic surveillance orders. Upon the request of the applicant, a court order authorizing the 
interception of communications may direct that a telecommunications “service provider, landlord, 
custodian, or other person shall furnish the applicant forthwith all information, facilities, and 
technical assistance necessary to accomplish the interception unobtrusively and with a minimum of 
interference with the services that such service provider, landlord, custodian, or person is 
according the person whose communications are to be intercepted. 11 
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In practice. Judges may sign two orders: one order authorizing the law enforcement agency to 
conduct the electronic surveillance, and a second, abbreviated, assistance order directed to the 
service provider, specifying, for example in the case of E-mail, the E-mail account name of the 
subject tha t is the object of the order and directing the provision of necessary assistance. 

Service providers and their personnel are also subject to the electronic surveillance laws, meaning 
that unauthorized electronic surveillance of their customers (or anyone else) is forbidden, and 
criminal and civil liability' may be assessed for violations. The prohibition on using or disclosing 
the contents of communications illegally intercepted, likewise extends to service providers and 
their personnel. It is for this reason, among others, that service providers typically take great care 
in providing assistance to law enforcement in carrying out electronic surveillance pursuant to 
court order. In some instances, service providers opt to provide “full" service, essentially carrying 
out the interception for law 1 enforcement and providing the final interception product, but, in most 
cases, service providers are inclined only to provide the level of assistance necessary to allow the 
law enforcement agency to conduct the interception. 


In recent years, it has become increasingly common for the FBI to seek, and for judges to issue 
orders for Title III interceptions more narrowly tailored than those in the early years of Title III 
existence that were directed against “plain old telephone services. ” To be successfully 
implemented, these orders require complex methods to ensure that only messages for which there 
is probable cause to intercept are, in fact, intercepted. The increased detail in court orders issued 
under Title III responds to two relatively recent developments. 

First, the complexity of modern communications networks, such as the Internet, and t he 
complexity of modern users' communications equipment require better discrimination than older 
analog communications. For example, Internet users frequently use electronic messaging services. 
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like E-mail, to communicate with other individuals in a manner reminiscent of a telephone call, 
only with text instead of voice. Such messages are often the targets of court ordered interception. 
Users also use services, like the world wide web, which looks more like print media than a phone 
call Similarly, some Internet services, like streaming video, have more in common with broadcast 
media like television, than with telephone calls. These types of communications are less commonly 
the t argets of an interception order. 
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Second, for many Internet services, users share communications channels, addresses, etc. These 
factors make the interception of messages for which law enforcement has probable cause, to the 
exclusion of all others, very difficult. Court orders therefore increasingly include detailed 
instructions to preclude the interception of communications that lie outside the scope of the order. 

In response to a critical need for tools to implement complex court orders, the FBI developed a 
number of capabilities including the software program that is known as "Carnivore.” The 
committee may be aware that internet transmissions are broken down into packets of information 
consisting of a string of words or symbols. Different packets from the same message often take 
different routes between the sender and the intended recipient. The various packets constituting a 
smgie message are labeled so that they can be reassembled and read by the recipient. The 
challenge for law enforcement Implementing a court order for interception of E-mail is to find and 
retrieve only those packets that are part of a message covered by the order. To do this, we 
developed a software solution to perform network analysis. This software runs on a standard 
personal computer running the standard Microsoft Windows operating system. It works by " 
sniffing" the proper portions of network packets and copying and storing only those packets 
which match a finely defined filter set programed in conformity with the court order. This filter set 
can be extremely complex, but it provides the FBI with an ability to collect only those 
transmissions which comply with pen register court orders, trap & trace court orders, and Title III 
interception orders. 
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it is important to understand what is meant by “sniffing. ” The problem of discriminating between 
users* messages on the Internet is a complex one. However, this is exactly what our software 
does. It does NOT search through the contents of every' message and collect those that contain 
certain key words like “bomb” or "drugs." It selects messages based on criteria expressly set out in 
the court order, for example, messages transmitted to or from a particular account or to or from a 
particular - user. If the device is placed at some point on the network where it cannot discriminate 
messages as set out in the court order, it simply lets all such messages pass by unrecorded. 

One might ask, “why use this program at all?" In many instances, ISPs, particularly the larger 
ones, maintain capabilities which allow them to comply, or partially comply with lawful orders. 

For example, many ISPs have the capability to “clone" or intercept, when lawfully ordered to do 
so. E-mail to and from specified user accounts. In such cases, these abilities are satisfactory and 
allow full compliance with a court order. However, in most cases, ISPs do not have such 
capabilities or cannot employ them in a secure manner. Also, most systems devised by service 
providers or purchased ’ off the shelf* lack the ability to properly discriminate between messages 
in a fashion that complies with the court order. Also, many court orders go beyond E-mail, 
specifying other protocols to be intercepted such as instant messaging. In these cases, a cloned 
mailbox is not sufficient to comply with the order of the court. 


Now, I think it is important, that you understand how we use the system in practice. First, there is 
the issue of scale. Carnivore is a small-scale tool intended for use only when and where it is 
needed. In fact, each one is maintained at the FBI Laboratory in Quantico until it is actually 
needed in an active case. It is then deployed to satisfy the needs of a single case or court order, 
and afterwards, upon expiration of the order, the device is removed and returned to Quantico. 

The second issue is one of network interference. Carnivore is safe to operate on I? networks. It is 
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connected by a high impedance bridge and does not have any ability to transmit anything onto the 
network. In fact, we go to great lengths to ensure that our system is satisfactorily isolated from 
the network to which it is attached. Also, if is only attached to the network after consultation 
with, and with the agreement of, technical personnel from the ISP. 


This leads to the third issue-that of ISP cooperation. To my knowledge, we have never installed 
this system onto an ISP’s network without assistance from the ISP’s technical personnel. The 
Internet is a highly complex and heterogeneous environment in which to conduct such operations, 
and I can assure you that without the technical knowledge of the ISP's personnel, it would be 
difficult, if not impossible, for law enforcement agencies to successfully implement and comply 
with the strict language of an interception order. The FBI also depends upon the ISP personnel to 
understand the protocols and architecture of their particular networks. 


Another primary consideration for using this system is data integrity. As you know, Rule 901 of 
the Federal Rules of Evidence requires the authentication of evidence as a condition of its 
admissibility. The use of the Carnivore system by the FBI to intercept and store communications 
provides lor an undisturbed chain of custody by providing a witness who can testify to the 
retrieval of the evidence and the process by which it was recorded. Performance is another reason 
for preferring this system to commercial sniffers. Unlike commercial software sniffers. Carnivore 
ts designed to intercept and record the selected communications comprehensively, without 
"dropped packets." 


In conclusion, I want to stress that the FBI does not conduct interceptions, install and operate pen 
registers, or use trap & trace devices without lawful authorization from a court. Over the last five 
years or more, we have witnessed a continuing, steady growth in instances of computer-related 
crimes, including traditional crimes and terrorist activities that have been planned or carried out, 
in part, using the Internet, 1 he ability of the law' enforcement community to effectively 
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investigate and prevent these crimes is, in part, dependant upon our ability to lawfully collect vital 
evidence of wrongdoing. As the Internet becomes more complex, so do the challenges placed on 

us to keep pace. We could no. do so without the continued cooperation of our industry partners 
and innovations such as the Carnivore software. 


I look forward to working with the subcommittee staff to provide mote information 

your suggestions on this important issue. I will be happy to answer any questions that you , 
have. Thank You. 


and welcome 
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American Civil Liberties Union 


Freedom Networic 


In Unique Tactic, ACLU Seeks FBI Computer Code 
On "Carnivore" and Other Cybersnoop Programs 

FOR IMMEDIATE RELEASE 
Friday, July 14, 2000 

Unton H i?lSw N t!^ r T h 1 S ay be **?*** W est of its Knd, the American Civil Liberties 
£ g - th f Federal Bureau of Investigation to disclose the computer source code 
and other technical details about its new Internet wiretapping programs. 

In a Freedom of Information Act (FOIA) request sent today to the FBI the ACLU is 
seeking all agency records related to the government e-mail "cybersnoop" programs dubbed 
Sms'S fcfl ? pe * k ’ including "letters, correspondence, tape recordings, 
technicifspSISSS" ’ COmputer source and ob -* ect code > technical manuals, [and] 

ST** " S0U I C 1 code I , {he set ofinstmetions for a program written by its creators, 
which is compiled into object code ’ which can be read by machines. 

"Right now, the FBI is running this software out of a black box," said Barry Steinhardt 
Associate Director of the ACLU and author of the letter. "The FBI is saying ‘trust ?s we’re 
^'body’s pnvacy.’ With all due respect, we’d like to determine tS for 

tb 1 re< 3 ue f for program source code is the first of its kind. But 
Stemhardt said that two federal appeals court rulings that computer code is a form of 

d J ffere ~ fr ? ra m Y °fo er wntten document, support the ACLUs demand under 

tafo^tatuly 8i¥K Amerira " S hmi riShfe ‘° ° bWn 

programs is necessary to determine just how the software operates and whether e-mSl 
pnvacy is being violated. 

of y ese foc^fogies "cry out for Congressional attention if we are to 
mem£rsof?on^s? dmen nghtS ,a dlgita! a S e >" the A CLU said in a July 1 1 letter to 

Revelations about the Carnivore program also prompted calls for disclosure from 

issued on July 12, House Majority 

Leader Dick Armey called on Attorney General Janet Reno and FBI Director Louis Free! 
addressed^’ ^ c ^ 8rsnoo P m ^ s y stem until Fourth Amendment concerns are adequately 

In addition, the House Judiciaty Committee Subcommittee on the Constitution has 
scheduled a hearing on the matter for Monday, July 24. The ACLU has asked to submit 
testimony to the Committee. 

The FBI has 20 business days to respond to the FOIA request. The ACLU is seeking a 
response on an expedited basis, the letter said, "because this information relates to 8 
impending policy decisions to which informed members of the public might contribute " 
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If our request is denied in whole or part, we ask that you justify all deletions by reference 
to specific exemptions of the act,” the ACLU letter concluded. y 


The ACLU's letter to the FBI follows. 


July 14, 2000 

Attention: 

John Kelso Jr. 

Federal Bureau of In vestigation 
Chief, FOI/PA Section, Rm. 6296 JEH 
Washington, D.C. 20535-0001 

Dear Mr. Kelso: 

We are writing pursuant to the Freedom of Information Act (5 U.S.C. Sec. 552) to request 
all agency records including letters, correspondence, tape recordings, notes, data 
memoranda, email, computer source and object code, technical manuals, technical 
toe folSvfng- ° r ^ ° ther m3terials held b >’ the federal Bureau of Investigation regarding 

1 . The computer system, software or device known as "Carni vore”, which has been or is 
currently used by the FBI in connection with trap and trace and pen register orders 
served on Internet Service Providers or in connection with orders for the interception 
ot the content of electronic communications served on Internet Sendee Providers; 

2. The computer system software or device known as "Omnivore”, which has been or is 
currently used by the FBI m connection with trap and trace and pen register orders 
served on Internet Service Providers or in connection with orders for the interception 
or toe content of electronic communications served on Internet Service Providers, and 

3. The computer system, software or device known as "EtherPeek”, which has been or is 
currently used by the FBI m connection with trap and trace and pen register orders 
served on Internet Service Providers or in connection with orders for the interception 
ot the content of electronic communications served on Internet Service Providers. 

We seek a waiver of fees associated with the fulfillment of this request for all search and 
processing fees, pursuant to Section 552(a)(4)(A)(ii)(II) of the Freedom of Information Act. 


b ~ u , r , vv ui uuunxiauon ac 

Kecor as are not sought for commercial use, and as a representative of the news media* the 

American Cm! Liberties Foundation (ACLU Foundation) qualifies for a fee waiver wider 
this provision of the FOIA. The organization meets the criterion laid out in Nation al 
{security Archive v. Department of Defense, where a representative of the news media is 
defined as an entity that "gathers information of potential interest to a segment of the 
pubhe" and "uses its editorial skills to turn raw materials into a distinct work and 
distributes that work to an audience." 881 F, 2d at 1387. The ACLU Foundation publishes 
newsletters, frequent press releases, news briefings, right to know handbooks and other 
materials that are disseminated to the pubhe. Its material is widely available to everyone 
including tax exempt organizations, not-for-profit groups, law students and faculty for no 
cost or for a nominal fee through its public education department. The ACLU Foundation 
disseminates information through publications available on-line at www.aclu.org as well. 

In addition we request a fee waiver for duplication costs because disclosure of this 
information is m the public interest. It is likely to contribute significantly to the public 
understanding of the activities of the government The ACLU Foundation is a nonprofit 
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a rese . arc ^ 1 organization working to increase citizen partkiDatior* in 

governance issues. Hie ACLU Foundation is mstino fKic 'r&rfti&ei ifP-. it ^ 


technology and the rapid gmwftoS World wSle Web SfdSnSfhf, , 
increased the communications interconnectedness of all the countries in die world' 6 great y 
especially technologically advanced nations like the OS and the Netherlands. 

toeXS noSlS reVi f W ? P m re( 3 u cst because this infomtation relates to 
unpendmg policy decisions to which mfenned members of the public might contrihnfie. 
Timely public access to these materials is necessary to fully inform fhe^S^wi 
issues surrounding conununications interception X* 

SDed/cevpmiwtf^f? Wh ?w 0rpartl we ask {hat you justify all deletions by reference to 

552(a)(6){A)(U d t0 >0UI Wlt * im 20 busmess da >' s > as the statute requires under Section 

Thank you for your assistance. 

Sincerely, 

Bany' Steinhardt, Esq. 

On behalf of the ACLU Foundation 


moot ( KM 
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ACLU Urges Congress to Put a Leash on "Carnivore” 

And Other Government Snoopware Programs 

FOR IMMEDIATE RELEASE 
Wednesday, July 12, 2000 

WASHINGTON — Law enforcement officials using new surveillance technologies online 
are racing far ahead of established privacy law and must be reined in, the Amencan Civil 
Liberties Union said today. 

In a Msrsent to Charles T , Canady, R-FL, Chair of the Constitution Subcommi ttee of the 
House Judiciary Committee, and ranMng member Melvin L. Watt, D-NC, the ACLU said 
tlist the unbridled uses of these technologies f, cry out for Oongressionsl attention if we etc 
to preserve Fourth Amendment rights in the digital age." 

Specifically, the ACLU sharply criticized the FBI's new online wiretapping program 
dubbed “Carnivore that uses Internet Sendee Providers (ISPs) to intercept and analyze 
huge amounts of e-mail from suspects and non-suspects alike. 

It is high time that lawmakers put a leash on Carnivore and other government schemes that 
go way beyond what Congress authorized under the Electronic Communications Protection 
Act," said Laura W. Murphy, director of the ACLU's Washington National Office and an 
author of the letter. 

Currently, law- enforcement is required to "minimize” its interception of non-incriminating 
communications of a target of a wiretap order. But Carnivore does just the opposite, 

Murphy said, by sweeping in e-mails from innocent Internet users as well as the targeted 
suspect. , 6 

B arry Steiohardt, Associ ate Director of the ACLU and an author of the letter, said that 
mipiementing Carnivore "is comparable to allowing government agents to rip open Post 
Office mailbags and scan every piece of mail in search of one speci fic letter whose address 
they already know.” 

He also noted that while the system is plugged into the ISP, it is controlled solely by the law 
enforcement agency. In a traditional wiretap, the tap is physically placed and maintained by 
the telephone company. J 

pe snoopware program first came to light during an April 6 hearing before the Constitution 
Subcommittee. The Carnivore system - essentially a computer running specialized 
software- is attached either when law enforcement has a court order permitting it to 
intercept in "real time” the contents of the elec tronic communications of a specific 
individual, or a trap-and-trace or pen register order allowing to it obtain the numbers related 
to communications from or to a specified target. 

But "in the Internet context," the ACLU letter said, “these orders and certainly Carnivore 
likely involve ascertaining the suspect's e-mail address, as well as header information that 
may provide information regarding the content of the communication." 

In urging Congress to accelerate its consideration of applying Fourth Amendment principles 
in the digital age, "we would be happy to work with the Subcommittee on drafting 
legislation that protec ts the privacy rights of Americans,*' the ACLU l etter said. 
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the April 6 hearing. 


plated development, the ACLU has criticized other government surveillance 
schemes, mcludmg a global electronic surveillance system - known by the code name of 

wo r l d vri de" **** 58 captunng sale51lte > microwave, cellular and fiber-optic communications 


The ACIXPs letter on Carnivore is online at: j^//ww w t ae1a.org/congressA071 I rina hbp f 

For more information on the April 6 hearing, click 
fojKfew.achi.or^ 

For more information on "Echelon," go to http://www. 
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July 11,2000 
VIA FAX 

Hon. Charles T. Canady, Chairman 
Constitution Subcommittee of the 
House Judiciary Committee 
362 Ford House Office Bldg. 
Washington, D.C. 20515-6220 


Hon. Melvin L. Watt, Ranking Member 
Constitution Subcommittee of the 
House Judiciary Committee 
362 Ford House Office Bldg. 
Washington, D.C. 20515-6220 


Dear Representatives Canady and Watt: 



' — «vv,„ v ,*v wAMuvimHtuj vu ijuci^epi ana analyse 

huge volumes of email. The Carnivore system gives law enforcement email interception 
capabilities that were never contemplated when Congress passed the Electronic 
, f ^ riva ?y Act (hCPA), codified in relevant part at 1 8 U.S.C. 25 1 0-22 and 

IK UhC 3121-27. Carnivore raises new legal issues that cry out for Congressional attention 
if we are to preserve Fourth Amendment rights in the digital age. 

The existence of Carnivore first came to light in the April 6 testimony of Attorney Robert 
Com-Revereto the Constitution Subcommittee. Its operation was further detailed in a report 
mat appeared m today's Wall Street Journal (copy attached). According to these reports the 
Carnivore system - essentially a computer running specialized software- is attached 
directly to an Internet Seryice Proyide-r's (ISP) network. Carnivore is attached either when 
law enforcement has a Title III order from a court permitting it to intercept in real time the 
contents of the electronic communications of a specific individual, or a trap and trace or pen 
register order allowing to tt obtain the "numbers" related to communications from or to a P 
specified target 

But unlike the operation of a traditional a pen register, trap and trace device, or wiretap of a 
conventional phone line, Carnivore gives the FBI access to all traffic over the ISP's 
network, not just the communications to or from a particular target. Carnivore which is 
capable of analyzing millions of messages per second, purportedly retains only the 

fiCd tafget ’ aitll0U§h this P roce ss takes place without scrutiny of either 


Carnivore permits access to the email of every customer of an ISP and the email of every 
person who communicates with them. Carnivore is roughly equivalent to a wiretap capable 
of accessing the contents of the conversations of all of the phone company's customers with 
the "assurance” that the FBI will record only conversations of the specified target This* 

'trust us, we are the Government" approach is the antithesis of the procedures required 
under our the wiretapping laws. They authorize limited electronic surveillance of the 
communications of specified persons, usually conducted by means of specified 
communications devices. They place on the prorider of the communications medium the 
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responsibility to separate the communications of persons authorized to be intercepted from 
other communications. 



Currently, law enforcement is required to "minimize” its interception of non-incriminating 
communications of a target of a wiretap order. Carnivore is not a minimization tool. Instead 
Carnivore maximizes law enforcement access to the communications of non-targets. 


In his testimony to yo ur subcommittee Mr. Com-Revere described the experi ence of his 
client, an ISP that was required to install Carnivore when presented with a trap and trace 
order. He detailed his client's concerns that a trap and trace order in the context of the 
Internet revealed information that Congress did not contemplate when it authorized their 
limited use. In the traditional telephone context, those orders reveal nothing more than the 
numbers dialed to or from a single telephone line. In the Internet contex t, these orders and 
certainly Carnivore, likely involve ascertaining the suspect's e-mail address, as well as 
header information that may provide information regarding the content of the 
communication. 


As we have stated previously, the ACLU does not believe that it is clear that the 
Government can serve an order on an Internet service provider and obtain die e-mail 
addresses of incoming and outgoing messages for a particular subscriber. Further, it is not 
clear whether law enforcement agents use or should use authority under the pen register 
statute to access a variety of data, including Internet Protocol addresses, dialup numbers and 
e-mail logs. We certainly do not believe that it is clear that law enforcement can install a 
super trap and trace device that access to such information for ail of an ISP's subscribers. 

In light of the new revelations about Carnivore, the ACLU urges the Subcommittee to 
accelerate its consideration of the application of the 4th Amendment in the digital age. 
Legislation should make it clear that law enforcement agents may not use devices that allow 
access to electronic communications involving only persons other than a specified target for 
which it has a proper order. Such legislation should make clear that a trap and trace order 
served on an ISP does not authorize access to the contents of any communication - 
including the subject line of a communication - and that the ISP bears the burden of 

protecting the privacy of communications to which FBI access has not been granted. 

* 

We would be happy to work with the Subcommittee on drafting legislation that protects the 
privacy rights of Americans . 


Sincerely, 


Laura W. Murphy 

Director, ACLU Washington National Office 

Barry Steinhardt 
Associate Director, ACLU 


Gregory T. Nojeira 

Legislative Counsel, ACLU Washington National Office 

cc: Members of the Constitution Subcommittee of the House Judiciary Committee 


[legislative Archives! i1Mh.Cqngreg,s,|s|ugs} {Congress Qvftrvipwl fHow to Use this Sectionl 


HOME 1 SEARCH i FEEDBACK 


CmdtM TkeAmtrttan CbU L&eriits Utsien 


2 Of 2 


5/24/02 Release - Page i?4 . 

7/24/00 11:31 AM 








°* X0 “ ** ' C ” iV< ’"' W “'’ D “ ^«rd^ £e «doc.xp?A^..EXT^53 M lJu m « !cw 



» alt.privacy,spyware 


» Fftfpm: aitprivaey .spyware 
» ISaag: ‘Carnivore* Wont Devour Cyber-Privacy 

» Message 1 1 of 1589 

Subject: Re: ‘Carnivore* Wont Devour Cyber-Privacy 

Date: 07/22/2000 

Author: huskv <ebminfa(85riioSs»s 


.Save, W? this?, d 


Career 
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Message segment 2 of 2 - Get i 
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if you give up your persona! privacy, every other freedom will follow shortiy. Though for my 
bucte. ! say let carnivore loose. Whether carnivore does tts'teb or not has little tel#^ 
whether or not your health or credit records are safe, if youVe posted your credit card 'Iwwhere 

• \. ■ <• v; •.-■ . • •• • • ;•%•>•••/ 

^Fixing the relationship between Washington and Silicon Valley needs to 

^op priority for the next administration. The only people beriefiteng ' ' • ' 

> controversies like the one over Carnivore are terrorists, criminals and : -./i-Cf 

> rogue states. -^-7? : 
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» altcomp.freeware 


*> sltcompYreewar* 

>> I fe£gM: British law would allow polled to Intercept e-mail 

» Message 2 of 1589 

Subject: Re: British law would allow police to Intercept e-mail 
Date: 07/24/2000 

Author: T*tiiesln2 < t3llesin2@eafthlmk,net > 

fctttu .l fll i ji j « previous In 

Message segment 1. of 2 - Get Next Segment - Get All 2 Seam? 

URGENT ACTION ITEM! Congress agrees to hold 1 

hearing on Monday in response to public outrage 
over FBI's e-mail spy scheme ‘ 


next in search » 


• - : ■ ^ V' - : -V ” - •• - - •• 

you are receiving this alert because you participated in M&d-z 
DefendYourPffvacy.com^ successful 1999 campaign against the 
FDIC^ proposed Know Your Customer bank spying regulation, if 
you do not want to receive further updates, please use the 
unsubscribe directions at the end of this message. 


* immediate action required: Help us Kill the V ; : : . ' L L ' 

Carnivore! • \ v. * r '• ^ 

On July 14 we issued e press release about an FBI cybersnooplng device ^e-named' 
Carnivore, which can scan millions of e-malts per second. Because Carnivore has unlimited 
ppwer to spy on almost eveiyone with an e-mail account* H may^be the biggest threat to your 

privacy ever/ ; , ' ' ;T ^ ' 

Almost immediately after. die existence of this project was disclosed in aJulyll Wall Street • 
Joumafarticfe, oubtic outnaae heoan to mohof -i- mA 


Politicians on 


an TnveSSga&oh* into 


Toward this e-mail to 


developed at its lab in Guantico* Va. Dubbed Carnivore bacausa.of its ability to find *th© meal* 
among millions of e-mails, Carnivore scabs every. ^IrKomSitg Iin3oi&oing e^nan message on a 
network looking for'tetete«^;vn«»HMi 4 and saves those^Ossages for later retrieval by 
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The FBI admits that Carnivore will scan millions of e-mail l^noc^ : 

finds ^y.nu!^ : 4.me^a9e$from people suspected pittim&M&UM different than# the 

FBI opened evervone^ mail hooino to find & tetter fmm » rrimte-ai r\r An AuaniAnA^ 


Though Carnivore’s existence was fust publicly revealed, the FBI has already 

device at dozens of internet Service Providers (ISPs) around .the country,: and claims jit Ms 
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Many isps have refused to allow the FBI to install Carnivore, qting coricsms.that^ the privacy^ 
of a > X . customers could be violated. But earlier this year, a federal judge ruled against brie 
SUCh ISP* teaViriQ It HO Choice but to allow the FBI aortas fri ff* 5 


Predictably, the F 8 i promises to limit surveillance to messages frote suspected hackers*-.’ 
terrorists, pr dnig defers/ But considering that this is the same agency that quietly inserted : 
roving telephone tap* authority into federal law and illegally turned over confidential personnel 
files to the Clinton .V^hite House* you shouldn't be expected to trust ft with yourobriftdsritialV^'.- 
e*mans; : :-v "• ;•■>. *•>“/ ■ ?v ; •; ' ' •; vV^V c ? ■• •• •.' 

But Carnivore is more than a threat to your ordinary e-mail V;?";' : r/vf 

correspondence - ft also gives government bureaucrats the ability to spy on your online 
banking transactions, because ft has the ability to monitor afi digital communications; Th© 
bottom line is that your privacy won't be protected as long as Carnivore is on the loose. 
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Telecoms Miffed at FBI Meddling 

fay Peelan McCu»a ? fr 

3:00 a.m. jyf, 8, 2000 POT 

t ? de assodstion this week criticized a recent FBI move to thwart the $S 5 
billion sale of ISP Veno to a Japanese Firm, * 

The FBI's ob j ections that the Fed agency may not be able to conduct the kind of Internet 
surveilfance it desires are specious, said the Computer and Communications Industry Association, 


Everybody’s got issues in Politics 
/■fore Fundi ncrfor FBI Snooping 


I of 2 


“In taking this action the FBI runs the serious risk of frustrating the openness of Internet 
communications, infringing our civil liberties, and damaging our relations with important trading 
^ >S ? i S3id Ed B ac ^' President of the CCIA. The groups’ members include AT&T, Norte! Nokia 
and NTT America, the Japanese company which hopes to purchase Verio. 

Last £® a f' the FBI MQsypcgssfuiiy^sskgd the Internet Engineering Task Force to build wiretap 
capabilities into protocols, FBI Director Louis Freeh has, in the past, asked Congress for domestic 
controls on data-scrambling encryption products and successfully pressed for a "digital telephony" 
Feds ^ ^ requires telephone companies to ensure that their networks are able to be tapped by the 

Anti-anonymity; If you criticize a Pennsylvania judge online, be warned: You may not be as 
anonymous as you thought y 

Thin-skinned Superior Court Judge Joan Orie Melvin in earfy 1999 sued over a dozen “John Does" 
that she suspected of posting messages on a muckraking site devoted to Pittsburgh politics, 

A judge who recently heard arguments in Melvin’s case will decide whether or not to unmask the 
folks who partic'pated in the “Grant Street 99" site, according to an artirte in the Pittsburgh 

* * * v AvflCfi 

the J f hn .?f eS/ indudm 9 ar >e who reportedly alleged that Judge Melvin was 
engaged in surreptitious and — if true — unlawful partisan political activity* 

Bill Joy a Killjoy? An article on the website of the conservative National Review takes aim at Bill 
Joy of Sun Microsystems, who recently raised eyebrows when he warned of the dancers of 
unregulated technology, 9ereof 

Authors Glenn Reynolds and Dave Kopel said Joy’s article, published earlier this year In Wired 
Magazine, is an example of "neo-luddite sentiment," 

"More generally, Luddite intellectuals are successfully propagating ’the precautionary principle ’ 
which states that we should never try anything new unless we are certain that ft is absolutely ‘ 
safe... Even worse, ’’relinquishment" would probably accelerate the progress of destructive 
nanotechnology. In a world where nanotechnology is outlawed, outlaws would have an additional 
incentive to develop nanotechnology," the National Review authors wrote. 

Upcoming events; Two U.S. senators are holding a briefing on medical and genetic privacy on 
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